Lucene search
K

11 matches found

RedHat Linux
RedHat Linux
added 2025/07/16 3:43 p.m.8 views

cloud-init: Cloud init permissions flaw

An access permissions flaw was found in cloud-init. When a non-x86 platform is detected, cloud-init grants root access to a hardcoded URL with a local IP address, which creates a security exposure...

8.8CVSS5.7AI score0.00203EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/07/16 12:0 a.m.5 views

Azure Linux 3.0 Security Update: cloud-init (CVE-2024-6174)

The version of cloud-init installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6174 advisory. - When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP...

8.8CVSS5.5AI score0.00203EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/07/14 7:13 a.m.5 views

cloud-init: Cloud init permissions flaw

An access permissions flaw was found in cloud-init. When a non-x86 platform is detected, cloud-init grants root access to a hardcoded URL with a local IP address, which creates a security exposure...

8.8CVSS5.7AI score0.00203EPSS
Exploits0References6
OSV
OSV
added 2025/07/11 12:21 p.m.5 views

OESA-2025-1786 cloud-init security update

Cloud-init is the defacto multi-distribution package that handles early initialization of a cloud instance. Security Fixes: cloud-init is an industry-standard multi-distribution method for cross-platform cloud instance initialization by Canonical. There is a security vulnerability in cloud-init...

8.8CVSS6.8AI score0.00203EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/07/11 12:0 a.m.3 views

CBL Mariner 2.0 Security Update: cloud-init (CVE-2024-6174)

The version of cloud-init installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6174 advisory. - When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP...

8.8CVSS5.5AI score0.00203EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/07/10 12:0 a.m.8 views

Amazon Linux 2 : cloud-init (ALAS-2025-2926)

The version of cloud-init installed on the remote host is prior to 19.3-46. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2926 advisory. When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this,...

8.8CVSS5.5AI score0.00203EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/07/10 12:0 a.m.8 views

Amazon Linux 2023 : cloud-init, cloud-init-cfg-ec2, cloud-init-cfg-onprem (ALAS2023-2025-1082)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1082 advisory. When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration...

8.8CVSS5.4AI score0.00203EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2025/06/26 10:15 a.m.1 views

CVE-2024-6174

When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration...

8.8CVSS7.1AI score0.00203EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/26 9:15 a.m.9 views

CVE-2024-6174

When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration...

8.8CVSS0.00203EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/26 12:0 a.m.4 views

PT-2025-26944

Name of the Vulnerable Software and Affected Versions: cloud-init affected versions not specified Description: The issue occurs when a non-x86 platform is detected, causing cloud-init to grant root access to a hardcoded URL with a local IP address. By default, cloud-init configurations disable...

8.8CVSS6.1AI score0.00203EPSS
Exploits0References43
UbuntuCve
UbuntuCve
added 2011/03/25 12:0 a.m.20 views

CVE-2011-1476

Integer underflow in the Open Sound System OSS subsystem in the Linux kernel before 2.6.39 on unspecified non-x86 platforms allows local users to cause a denial of service memory corruption by leveraging write access to /dev/sequencer...

4CVSS5.9AI score0.00425EPSS
Exploits1References11
Rows per page
Query Builder