Ubuntu Security Update USN-7677-1: cloud-init vulnerabilities

Thread starter LinuxBot
Start date Jul 29, 2025

LinuxBot

Member

Jul 29, 2025

#1

Harry Sintonen discovered that the hotplugd socket in cloud-init was world writable. An attacker could possibly use this issue to send hotplug-hook commands. (CVE-2024-11584) It was discovered that cloud-init granted root access to a hardcoded URL with a local IP address when a non-x86 platform is detected. An attacker could possibly impersonate an OpenStack endpoint and provide root configuration data. (CVE-2024-6174)

Continue reading...

You must log in or register to reply here.

Similar threads

Ubuntu Security Update USN-8199-1: OpenStack Glance vulnerabilities

Replies: 0

Views: 84

Apr 23, 2026

LinuxBot

Ubuntu Security Update USN-8279-1: Linux kernel vulnerabilities

Replies: 0

Views: 141

May 20, 2026

LinuxBot

Ubuntu Security Update USN-8178-1: oFono vulnerabilities

Replies: 0

Views: 113

Apr 16, 2026

LinuxBot

Ubuntu Security Update USN-8338-1: Apache HTTP Server vulnerabilities

Replies: 0

Views: 62

May 28, 2026

LinuxBot

Ubuntu Security Update USN-8223-1: Roundcube Webmail vulnerabilities

Replies: 0

Views: 116

Apr 29, 2026

LinuxBot

Share:

Facebook X Bluesky LinkedIn Reddit Pinterest Tumblr WhatsApp Email Link

Follow Linux.org

Linux.org YouTube Channel

Members online

Total: 1,839 (members: 6, guests: 1,833)

Latest posts

Linux on a Mac?
- Latest: Rocketing-warp9
- 6 minutes ago
Laptops / Netbooks
Hellooooo
- Latest: MikeRocor
- Yesterday at 11:32 PM
Member Introductions
Post a screenshot of your Desktop
- Latest: MikeWalsh
- Yesterday at 11:27 PM
Desktop
Ubuntu 26.04 Dock crashes
- Latest: Rocketing-warp9
- Yesterday at 10:30 PM
Ubuntu forum
New to the whole Linux scene, have heard really great things figured I'd maybe give it a crack?
- Latest: Perpetual Padawan
- Yesterday at 9:37 PM
Getting Started

Top