Fedora 42 : cloud-init (2025-b93ee7b368)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-b93ee7b368 advisory. Backport fixes for CVE-2024-6174 and CVE-2024-11584 - cloud-init included the systemd socket unit cloud-init-hotplugd.socket with default SocketMode...

Fedora 41 : cloud-init (2025-58f05c43ae)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-58f05c43ae advisory. Backport fixes for CVE-2024-6174 and CVE-2024-11584 - cloud-init included the systemd socket unit cloud-init-hotplugd.socket with default SocketMode...

USN-7677-1: cloud-init vulnerabilities

Harry Sintonen discovered that the hotplugd socket in cloud-init was world writable. An attacker could possibly use this issue to send hotplug-hook commands. CVE-2024-11584 It was discovered that cloud-init granted root access to a hardcoded URL with a local IP address when a non-x86 platform is...

NewStart CGSL MAIN 7.02 : cloud-init Multiple Vulnerabilities (NS-SA-2025-0173)

The remote NewStart CGSL host, running version MAIN 7.02, has cloud-init packages installed that are affected by multiple vulnerabilities: - Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed...

Important: Red Hat Security Advisory: cloud-init security update

An update for cloud-init is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...