Ubuntu Security Update USN-7677-1: cloud-init vulnerabilities

Thread starter LinuxBot
Start date Jul 29, 2025

LinuxBot

Member

Jul 29, 2025

#1

Harry Sintonen discovered that the hotplugd socket in cloud-init was world writable. An attacker could possibly use this issue to send hotplug-hook commands. (CVE-2024-11584) It was discovered that cloud-init granted root access to a hardcoded URL with a local IP address when a non-x86 platform is detected. An attacker could possibly impersonate an OpenStack endpoint and provide root configuration data. (CVE-2024-6174)

Continue reading...

You must log in or register to reply here.

Similar threads

Ubuntu Security Update USN-8199-1: OpenStack Glance vulnerabilities

Replies: 0

Views: 84

Apr 23, 2026

LinuxBot

Ubuntu Security Update USN-8279-1: Linux kernel vulnerabilities

Replies: 0

Views: 141

May 20, 2026

LinuxBot

Ubuntu Security Update USN-8178-1: oFono vulnerabilities

Replies: 0

Views: 113

Apr 16, 2026

LinuxBot

Ubuntu Security Update USN-8338-1: Apache HTTP Server vulnerabilities

Replies: 0

Views: 62

May 28, 2026

LinuxBot

Ubuntu Security Update USN-8223-1: Roundcube Webmail vulnerabilities

Replies: 0

Views: 116

Apr 29, 2026

LinuxBot

Share:

Facebook X Bluesky LinkedIn Reddit Pinterest Tumblr WhatsApp Email Link

Follow Linux.org

Linux.org YouTube Channel

Staff online

f33dm3bits
Super Moderator

Members online

Total: 2,764 (members: 5, guests: 2,759)

Latest posts

Linux on a Mac?
- Latest: dos2unix
- 33 minutes ago
Laptops / Netbooks
Ubuntu 26.04 Dock crashes
- Latest: Rocketing-warp9
- 46 minutes ago
Ubuntu forum
Hellooooo
- Latest: KGIII
- Today at 10:09 PM
Member Introductions
New to the whole Linux scene, have heard really great things figured I'd maybe give it a crack?
- Latest: Perpetual Padawan
- Today at 9:37 PM
Getting Started
Post a screenshot of your Desktop
- Latest: PuppyHome
- Today at 6:27 PM
Desktop

Top