The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS) and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service (daemon exit or logical-volume change) or possibly have unspecified other impact via crafted control commands.
References
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2010-08-05 13:22
Updated : 2024-02-04 17:54
NVD link : CVE-2010-2526
Mitre link : CVE-2010-2526
CVE.ORG link : CVE-2010-2526
JSON object : View
Products Affected
heinz_mauelshagen
- lvm2
redhat
- cluster_suite
- enterprise_linux
CWE
CWE-287
Improper Authentication