漏洞描述
在Red Hat Global File System (GFS)以及其他产品中使用的LVM2 2.02.72之前版本中的lvm2-cluster的集群逻辑卷管理器守护进程(clvmd)没有过滤套接字连接上的客户端证书。本地用户可以借助特制的控制命令导致拒绝服务(守护进程退出或逻辑量变化)或者引起其他未明影响。
LVM2 lvm2-cluster集群逻辑卷管理器守护进程拒绝服务漏洞
PoC代码
暂无相关漏洞推荐
- POC ack-cluster-api-public: Public Access to ACK Cluster's API Server - Enabled
- POC ack-cluster-auditing-disable: Cluster Auditing with Simple Log Service - Disabled
- POC ack-cluster-cloud-monitor-disable: Cloud Monitor for ACK Clusters - Disable
- POC ack-cluster-health-disable: ACK Clusters Check - Disable
- POC ack-cluster-network-policies-disable: Enforced Cluster Support for Network Policies - Disabled
- POC ack-cluster-network-policies-missing: Cluster Support for Network Policies - Missing
- POC eks-cluster-logging: Kubernetes Cluster Logging
- POC rds-cluster-protection-disabled: RDS Cluster Deletion Protection - Disabled
- POC inspur-clusterengine-default-login: Inspur Clusterengine 4 - Default Admin Login
- POC inspur-clusterengine-default-login: Inspur Clusterengine 4 - Default Admin Login
- POC unauth-cluster-trino: Cluster Overview - Unauthenticated Dashboard Exposure
- POC ganglia-cluster-dashboard: Ganglia Cluster Dashboard - Detect
- POC inspur-clusterengine-rce: Inspur Clusterengine V4 SYSshell - Remote Command Execution