cloud-init-23.4-7.el8_10.10.ML.1
エラータID: AXSA:2025-10524:06
リリース日:
2025/07/18 Friday - 17:08
題名:
cloud-init-23.4-7.el8_10.10.ML.1
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
High
Description:
The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts.
Security Fix(es):
* cloud-init: Cloud init permissions flaw (CVE-2024-6174)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2024-6174
When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.
解決策:
Update packages.
CVE:
CVE-2024-6174
When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.
When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.
追加情報:
N/A
ダウンロード:
SRPMS
- cloud-init-23.4-7.el8_10.10.ML.1.src.rpm
MD5: 7c382c06fdbf849a2721c61e55da6892
SHA-256: be808b20a45d1ade7bb420bfc2124550b622039d376d08ed5f1eec7b43cc9af1
Size: 1.69 MB
Asianux Server 8 for x86_64
- cloud-init-23.4-7.el8_10.10.ML.1.noarch.rpm
MD5: 2351a577a9821df03c2aa66a7b0e9dd8
SHA-256: 349558d377e7fa22f03161ed403bafb884c61b1e9a406172ea5706217a3ebe87
Size: 1.29 MB