openEuler 22.03 LTS SP4 update for cloud-init
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2024-11584 CVE-2024-6174 |
| CWE-ID | CWE-276 CWE-345 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software |
openEuler Operating systems & Components / Operating system cloud-init-help Operating systems & Components / Operating system package or component cloud-init Operating systems & Components / Operating system package or component |
| Vendor | openEuler |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Incorrect default permissions
EUVDB-ID: #VU112883
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-11584
CWE-ID:
CWE-276 - Incorrect Default Permissions
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to software includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. A local user with access to the system can execute hotplug-hook commands.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP4
cloud-init-help: before 21.4-36
cloud-init: before 21.4-36
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP4:*:*:*:*:*:*
- cpe:2.3:a:openeuler:cloud-init-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:cloud-init:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1785
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Insufficient verification of data authenticity
EUVDB-ID: #VU112884
Risk: High
CVSSv4.0: 5.2 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-6174
CWE-ID:
CWE-345 - Insufficient Verification of Data Authenticity
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists in the way the application identified the boot data source. An attacker can create a rogue service on the local network to impersonate an openstack endpoint and provide root-configuration data to cloud-init on instance launch leading to a security backdoor to root during system boot.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP4
cloud-init-help: before 21.4-36
cloud-init: before 21.4-36
CPE2.3- cpe:2.3:o:openeuler:openeuler:22.03:LTS SP4:*:*:*:*:*:*
- cpe:2.3:a:openeuler:cloud-init-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:cloud-init:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1785
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
