cloud-init-24.4-4.el9_6.3.ML.1
エラータID: AXSA:2025-10645:08
Release date:
Wednesday, July 30, 2025 - 10:23
Subject:
cloud-init-24.4-4.el9_6.3.ML.1
Affected Channels:
MIRACLE LINUX 9 for x86_64
Severity:
High
Description:
The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts.
Security Fix(es):
* cloud-init: Cloud init permissions flaw (CVE-2024-6174)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2024-6174
When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.
Solution:
Update packages.
CVEs:
CVE-2024-6174
When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.
When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.
Additional Info:
N/A
Download:
SRPMS
- cloud-init-24.4-4.el9_6.3.ML.1.src.rpm
MD5: bb99c0a52888b8c7ed2cac1ee16041be
SHA-256: fa7e20de786f2722c65f5d646d8f0ad47d80ff6b2f8e86a2a2cf2f56cdb9cc42
Size: 1.86 MB
Asianux Server 9 for x86_64
- cloud-init-24.4-4.el9_6.3.ML.1.noarch.rpm
MD5: d224f2a380dce614017da417049bf182
SHA-256: 558989adde2674ae166a2c2145bbd0e63d5aaa0842925596f4da306b1e22f04b
Size: 1.33 MB
日本語