CVSS: 2.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-8991
https://notcve.org/view.php?id=CVE-2020-8991
14 Feb 2020 — vg_lookup in daemons/lvmetad/lvmetad-core.c in LVM2 2.02 mismanages memory, leading to an lvmetad memory leak, as demonstrated by running pvs. NOTE: RedHat disputes CVE-2020-8991 as not being a vulnerability since there’s no apparent route to either privilege escalation or to denial of service through the bug ** EN DISPUTA ** vg_lookup en daemons / lvmetad / lvmetad-core.c en LVM2 2.02 administra mal la memoria, lo que lleva a una pérdida de memoria lvmetad, como lo demuestra la ejecución de pvs. NOTA: RedH... • https://sourceware.org/git/?p=lvm2.git%3Ba=commit%3Bh=bcf9556b8fcd16ad8997f80cc92785f295c66701 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 1CVE-2010-2526 – lvm2-cluster: insecurity when communicating between lvm2 and clvmd
https://notcve.org/view.php?id=CVE-2010-2526
04 Aug 2010 — The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS) and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service (daemon exit or logical-volume change) or possibly have unspecified other impact via crafted control commands. El cluster logical volume manager daemon (clvmd) en lvm2-cluster en LVM2 anterior v2.02.72, como el usado en Red Hat Global File Sys... • http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html • CWE-287: Improper Authentication •