Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:24716
HistorySep 12, 2010 - 12:00 a.m.

[ MDVSA-2010:171 ] lvm2

2010-09-1200:00:00
vulners.com
14
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mandriva Linux Security Advisory MDVSA-2010:171
http://www.mandriva.com/security/

Package : lvm2
Date : September 6, 2010
Affected: 2009.1, 2010.0, 2010.1

Problem Description:

A vulnerability has been found and corrected in lvm2:

The cluster logical volume manager daemon (clvmd) in lvm2-cluster
in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS)
and other products, does not verify client credentials upon a socket
connection, which allows local users to cause a denial of service
(daemon exit or logical-volume change) or possibly have unspecified
other impact via crafted control commands (CVE-2010-2526).

The updated packages have been patched to correct this issue.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2526

Updated Packages:

Mandriva Linux 2009.1:
11ac47baa0dffc858deae4847afc95bc 2009.1/i586/clvmd-2.02.33-8.1mnb2.i586.rpm
3e28f4c39a97f96dff14ea07e63c0375 2009.1/i586/lvm2-2.02.33-8.1mnb2.i586.rpm
1473d81d8d69eecfffeba569d6a524ab 2009.1/SRPMS/lvm2-2.02.33-8.1mnb2.src.rpm

Mandriva Linux 2009.1/X86_64:
f3c07dc0fa38749ea2be8b8a334e08c7 2009.1/x86_64/clvmd-2.02.33-8.1mnb2.x86_64.rpm
18f0a933f3236c38a7b2f0c8fdfb0516 2009.1/x86_64/lvm2-2.02.33-8.1mnb2.x86_64.rpm
1473d81d8d69eecfffeba569d6a524ab 2009.1/SRPMS/lvm2-2.02.33-8.1mnb2.src.rpm

Mandriva Linux 2010.0:
28d2ca049d8736523166f7c99730550d 2010.0/i586/clvmd-2.02.53-9.2mnb2.i586.rpm
e6456c6b7f8b64bb9579cd485fd1883c 2010.0/i586/dmsetup-1.02.38-9.2mnb2.i586.rpm
f44de286bd97799df0633639605f9a7b 2010.0/i586/libdevmapper1.02-1.02.38-9.2mnb2.i586.rpm
9b497f111670636f1dfc9fd3d0635b63 2010.0/i586/libdevmapper-devel-1.02.38-9.2mnb2.i586.rpm
dc1d8288bc99b1a1e18508d6a0edb595 2010.0/i586/libdevmapper-event1.02-1.02.38-9.2mnb2.i586.rpm
9b01ee505c3a4949fa0f161c03280b83 2010.0/i586/libdevmapper-event-devel-1.02.38-9.2mnb2.i586.rpm
61cfd88b9c6789d37fdaf4f6254116ff 2010.0/i586/liblvm2cmd2.02-2.02.53-9.2mnb2.i586.rpm
929d5d33f66502a078cd8212e1b537b1 2010.0/i586/liblvm2cmd-devel-2.02.53-9.2mnb2.i586.rpm
b17cbac08c61dce99597e6dbb6702045 2010.0/i586/lvm2-2.02.53-9.2mnb2.i586.rpm
27e1f390f03910f521d6c9248fd28cfb 2010.0/SRPMS/lvm2-2.02.53-9.2mnb2.src.rpm

Mandriva Linux 2010.0/X86_64:
3bf5a13a5e066af39062bdaa7a4e6d87 2010.0/x86_64/clvmd-2.02.53-9.2mnb2.x86_64.rpm
aa1f570c9a929aee83dd9547ae905468 2010.0/x86_64/dmsetup-1.02.38-9.2mnb2.x86_64.rpm
81f077f42936ec8be557105a220a149b 2010.0/x86_64/lib64devmapper1.02-1.02.38-9.2mnb2.x86_64.rpm
e90c54801d5d3e201d68731e2cbc4dc5 2010.0/x86_64/lib64devmapper-devel-1.02.38-9.2mnb2.x86_64.rpm
56d2c5cd25dfef94a15568c420743fea 2010.0/x86_64/lib64devmapper-event1.02-1.02.38-9.2mnb2.x86_64.rpm
4cff5d26f20d11a57a7dffe7fb3421a8 2010.0/x86_64/lib64devmapper-event-devel-1.02.38-9.2mnb2.x86_64.rpm
40f4f8aa95abd23c8640e5cf22031b02 2010.0/x86_64/lib64lvm2cmd2.02-2.02.53-9.2mnb2.x86_64.rpm
a87f6ecae4c05b5ced933cb3468ed499 2010.0/x86_64/lib64lvm2cmd-devel-2.02.53-9.2mnb2.x86_64.rpm
96c9b9781d1168c90a557cc583930a7e 2010.0/x86_64/lvm2-2.02.53-9.2mnb2.x86_64.rpm
27e1f390f03910f521d6c9248fd28cfb 2010.0/SRPMS/lvm2-2.02.53-9.2mnb2.src.rpm

Mandriva Linux 2010.1:
48f74df7e0156e45f230429aa41cea7a 2010.1/i586/clvmd-2.02.61-5.1mnb2.i586.rpm
a5fa92bb7251a9f9b9a651a9d681c470 2010.1/i586/cmirror-2.02.61-5.1mnb2.i586.rpm
c7281a45862b7460be4b9623165cc591 2010.1/i586/dmsetup-1.02.44-5.1mnb2.i586.rpm
98c4f715edc57a2a81631cb2ab9a824b 2010.1/i586/libdevmapper1.02-1.02.44-5.1mnb2.i586.rpm
e5b0271e14e85ad94cb3e746960993b1 2010.1/i586/libdevmapper-devel-1.02.44-5.1mnb2.i586.rpm
2b83f2c3a303604e42868b074364b017 2010.1/i586/libdevmapper-event1.02-1.02.44-5.1mnb2.i586.rpm
aef97aaed0fd616df5a046d9b05f55e2 2010.1/i586/libdevmapper-event-devel-1.02.44-5.1mnb2.i586.rpm
1ed885e2a23ca5f9bdaa5796615feeea 2010.1/i586/liblvm2app2.1-2.02.61-5.1mnb2.i586.rpm
9a62cea841692f4a744019664cb6b959 2010.1/i586/liblvm2cmd2.02-2.02.61-5.1mnb2.i586.rpm
a1bc253b7a92b6c7b1ac96e7e2521ee3 2010.1/i586/liblvm2cmd-devel-2.02.61-5.1mnb2.i586.rpm
972c3885883f95b793e4dfaa46121685 2010.1/i586/liblvm2-devel-2.02.61-5.1mnb2.i586.rpm
08190534acaa182f48f8c2aca8b3ad31 2010.1/i586/lvm2-2.02.61-5.1mnb2.i586.rpm
3de3e283a5907efe36b7f5b9038c32a2 2010.1/SRPMS/lvm2-2.02.61-5.1mnb2.src.rpm

Mandriva Linux 2010.1/X86_64:
3c33074b320e7b7651b9872674bce70b 2010.1/x86_64/clvmd-2.02.61-5.1mnb2.x86_64.rpm
e0bcdee0b2f4e725bfd17b35a9959aa0 2010.1/x86_64/cmirror-2.02.61-5.1mnb2.x86_64.rpm
47c54c45f3f00ae9fe0f9176623739ac 2010.1/x86_64/dmsetup-1.02.44-5.1mnb2.x86_64.rpm
0b25f189581132d3d0bcf736f66ae4c9 2010.1/x86_64/lib64devmapper1.02-1.02.44-5.1mnb2.x86_64.rpm
d3b6a286c01ed42a08301f5425d5e13b 2010.1/x86_64/lib64devmapper-devel-1.02.44-5.1mnb2.x86_64.rpm
7f0596865ef0a8baec758a106a030749 2010.1/x86_64/lib64devmapper-event1.02-1.02.44-5.1mnb2.x86_64.rpm
9346f3ad1ce7d7b9cb68ab77adf1d809 2010.1/x86_64/lib64devmapper-event-devel-1.02.44-5.1mnb2.x86_64.rpm
4c70fc76e4330e61d8b013e5f5396349 2010.1/x86_64/lib64lvm2app2.1-2.02.61-5.1mnb2.x86_64.rpm
248c9c277bd694c1c5f239f2f8dcb983 2010.1/x86_64/lib64lvm2cmd2.02-2.02.61-5.1mnb2.x86_64.rpm
edd014cb4cd0a637ca2e6038d6473958 2010.1/x86_64/lib64lvm2cmd-devel-2.02.61-5.1mnb2.x86_64.rpm
5a5db48748ff8e3ad9c6fcfbab003013 2010.1/x86_64/lib64lvm2-devel-2.02.61-5.1mnb2.x86_64.rpm
8ba0060f839c48eda20db9299933f527 2010.1/x86_64/lvm2-2.02.61-5.1mnb2.x86_64.rpm
3de3e283a5907efe36b7f5b9038c32a2 2010.1/SRPMS/lvm2-2.02.61-5.1mnb2.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFMhMgBmqjQ0CJFipgRAoeBAKCwND3HDmabTzsVVnJJB9Tq6+imGQCgqRAE
DFyM1mq7f33nL+kHFr1LlBo=
=zRsP
-----END PGP SIGNATURE-----

Related

openvas 18
nessus 14
fedora 4
cve 1
redhat 2
debian 2
ubuntucve 1
debiancve 1
veracode 1
oraclelinux 1
ubuntu 1
centos 1
prion 1
osv 1
gentoo 1
openvas
openvas
Debian Security Advisory DSA 2095-1 (lvm2)
2010-10-10 00:00:00
Fedora Update for lvm2 FEDORA-2010-13239
2010-12-02 00:00:00
CentOS Update for lvm2-cluster CESA-2010:0567 centos5 i386
2011-08-09 00:00:00
nessus
nessus
SuSE 11.1 Security Update : LVM2 (SAT Patch Number 2982)
2011-01-21 00:00:00
Fedora 14 : lvm2-2.02.73-1.fc14 (2010-13239)
2010-09-02 00:00:00
Mandriva Linux Security Advisory : lvm2 (MDVSA-2010:171)
2010-09-07 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: udisks-1.0.1-4.fc13
2010-09-11 09:01:07
[SECURITY] Fedora 13 Update: lvm2-2.02.73-2.fc13
2010-09-11 09:01:07
[SECURITY] Fedora 14 Update: lvm2-2.02.73-1.fc14
2010-09-02 03:57:01
cve
cve
CVE-2010-2526
2010-08-05 13:22:00
redhat
redhat
(RHSA-2010:0568) Moderate: lvm2-cluster security update
2010-07-28 00:00:00
(RHSA-2010:0567) Moderate: lvm2-cluster security update
2010-07-28 00:00:00
debian
debian
[SECURITY] [DSA 2095-1] New lvm2 packages fix denial of service
2010-08-23 10:12:46
[SECURITY] [DSA 2095-1] New lvm2 packages fix denial of service
2010-08-23 10:12:46
ubuntucve
ubuntucve
CVE-2010-2526
2010-08-05 00:00:00
debiancve
debiancve
CVE-2010-2526
2010-08-05 13:22:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:46:28
oraclelinux
oraclelinux
lvm2-cluster security update
2010-07-28 00:00:00
ubuntu
ubuntu
LVM2 vulnerability
2010-10-06 00:00:00
centos
centos
lvm2 security update
2010-07-29 13:37:04
prion
prion
Design/Logic Flaw
2010-08-05 13:22:00
osv
osv
lvm2 - denial of service
2010-08-23 00:00:00
gentoo
gentoo
Multiple packages, Multiple vulnerabilities fixed in 2011
2014-12-11 00:00:00
JSON
Related for SECURITYVULNS:DOC:24716
openvas18nessus14fedora4cve1redhat2debian2ubuntucve1debiancve1veracode1oraclelinux1ubuntu1centos1prion1osv1gentoo1