The cluster logical volume manager daemon in LVM2 did not correctly validate credentials. A local user could use this flaw to manipulate logical volumes without root privileges and cause a denial of service in the cluster.