Ekanth Sethuramalingam

**Name of the Vulnerable Software and Affected Versions** Apache Hadoop versions 2.0.0-alpha through 2.8.4 Apache Hadoop versions 2.9.0 through 2.9.1 Apache Hadoop versions 3.0.0-alpha1 through 3.0.3 Apache Hadoop versions 3.1.0 through 3.1.1 **Description** The user/group information can be corrupted when storing in fsimage and reading back from fsimage. **Recommendations** For versions 2.0.0-alpha through 2.8.4, update to a version outside of this range to resolve the issue. For versions 2.9.0 through 2.9.1, update to a version outside of this range to resolve the issue. For versions 3.0.0-alpha1 through 3.0.3, update to a version outside of this range to resolve the issue. For versions 3.1.0 through 3.1.1, update to a version outside of this range to resolve the issue.