CVE-2010-2526

Name of the Vulnerable Software and Affected Versions lvm2 versions prior to 2.02.72 lvm2-udeb (affected versions not specified)

Description The issue affects the lvm2 package in Debian GNU/Linux and the cluster logical volume manager daemon (clvmd) in lvm2-cluster. It allows a local attacker to exploit vulnerabilities, potentially leading to a denial of service or other unspecified impacts. The exploitation can be done through crafted control commands due to the lack of client credential verification upon socket connection. This may result in the disruption of confidentiality, integrity, and availability of protected information.

Recommendations For lvm2 versions prior to 2.02.72, update to version 2.02.72 or later to resolve the issue. For lvm2-udeb, at the moment, there is no information about a newer version that contains a fix for this vulnerability.