SB2025073162 - Ubuntu update for cloud-init 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2025073162

SB2025073162 - Ubuntu update for cloud-init

Published: July 31, 2025

Security Bulletin ID SB2025073162
Severity
High
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Adjecent network
Highest impact Code execution

Breakdown by Severity

High 50% Low 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Incorrect default permissions (CVE-ID: CVE-2024-11584)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to software includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. A local user with access to the system can execute hotplug-hook commands.


2) Insufficient verification of data authenticity (CVE-ID: CVE-2024-6174)

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists in the way the application identified the boot data source. An attacker can create a rogue service on the local network to impersonate an openstack endpoint and provide root-configuration data to cloud-init on instance launch leading to a security backdoor to root during system boot.


Remediation

Install update from vendor's website.

References