CVE-2024-11584 – Cloud-init systemd Socket Unit Permission Vulnerability

June 26, 2025

CVE ID : CVE-2024-11584

Published : June 26, 2025, 10:15 a.m. | 48 minutes ago

Description : cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This being used for the “/run/cloud-init/hook-hotplug-cmd” FIFO. An unprivelege user could trigger hotplug-hook commands.

Severity: 5.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-6174 – Microsoft Azure Cloud-Init Local IP Access Grant

Next Article CVE-2025-52934 – Apache HTTP Server Missing Configuration

tRPC vs GraphQL vs REST: Choosing the right API design for modern web applications

Jakarta EE 11 Platform launches with modernized Test Compatibility Kit framework

Can Good UX Protect Older Users From Digital Scams?

Warp 2.0 evolves terminal experience into an Agentic Development Environment

Microsoft Copilot secures a spot in classrooms as a “thought partner” — with Copilot Chat backed by OpenAI’s GPT-4o

OpenAI started as a “countervailing force” to Google — did Elon Musk and Sam Altman torpedo DeepMind’s plans to dictate AGI?

Gears of War: Reloaded preorders — where to buy and everything you need to know

OpenAI’s Sam Altman breaks silence on Microsoft feud with Satya Nadella — citing “points of tension” amid evolution plans

Are Semantic Layers Sexy Again? or The Rise and Fall and Rise of Semantic Layers

Are Semantic Layers Sexy Again? or The Rise and Fall and Rise of Semantic Layers

Salesforce Marketing Cloud Engagement vs. Oracle Eloqua

Exploring Lucidworks Fusion and Coveo Using Apache Solr

Microsoft Copilot secures a spot in classrooms as a “thought partner” — with Copilot Chat backed by OpenAI’s GPT-4o

Microsoft Copilot secures a spot in classrooms as a “thought partner” — with Copilot Chat backed by OpenAI’s GPT-4o

OpenAI started as a “countervailing force” to Google — did Elon Musk and Sam Altman torpedo DeepMind’s plans to dictate AGI?

Gears of War: Reloaded preorders — where to buy and everything you need to know

CVE-2024-11584 – Cloud-init systemd Socket Unit Permission Vulnerability

MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted

Apple Overhauls EU App Store Policy: New Fees & Open External Purchases After €500M Fine

CVE-2025-5525 – “Jrohy Trojan LogChan os Command Injection Vulnerability”

keepsuit/laravel-opentelemetry

Automating complex document processing: How Onity Group built an intelligent solution using Amazon Bedrock

CVE-2025-6621 – TOTOLINK CA300-PoE Os Command Injection Vulnerability

DOOM: The Dark Ages reaches 3 million players 7x faster than DOOM: Eternal

Lenovo and Superfish? Don’t panic, you may not be affected

Multi-Agentic Systems in Industry with XMPro & MongoDB Atlas

CVE-2025-4247 – SourceCodester Simple To-Do List System SQL Injection Vulnerability

CVE-2024-11584 – Cloud-init systemd Socket Unit Permission Vulnerability

Related Posts