A vulnerability has been found and corrected in lvm2: The cluster logical volume manager daemon in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted control commands . The updated packages have been patched to correct this issue.