CVE ID : CVE-2024-11584
Published : June 26, 2025, 10:15 a.m. | 48 minutes ago
Description : cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This being used for the “/run/cloud-init/hook-hotplug-cmd” FIFO. An unprivelege user could trigger hotplug-hook commands.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Source: Read More