cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands.
                
History
Fri, 05 Sep 2025 15:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| CPEs | cpe:2.3:a:canonical:cloud-init:*:*:*:*:*:*:*:* | |
Tue, 08 Jul 2025 02:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Title | cloud-init: From CVEorg collector | cloud-init: Cloud init permissions handling flaw | 
Fri, 27 Jun 2025 00:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Title | cloud-init: From CVEorg collector | |
| Weaknesses | CWE-276 | |
| References |  | |
| Metrics | threat_severity | threat_severity |
Thu, 26 Jun 2025 19:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This being used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivelege user could trigger hotplug-hook commands. | cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands. | 
Thu, 26 Jun 2025 13:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Weaknesses | CWE-732 | |
| Metrics | ssvc | |
Thu, 26 Jun 2025 09:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This being used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivelege user could trigger hotplug-hook commands. | |
| References |  | |
| Metrics | cvssV3_1 | |
MITRE
Status: PUBLISHED
Assigner: canonical
Published: 2025-06-26T09:25:20.199Z
Updated: 2025-06-26T19:14:46.084Z
Reserved: 2024-11-20T23:04:27.187Z
Link: CVE-2024-11584
Vulnrichment
Updated: 2025-06-26T13:00:35.108Z
NVD
Status: Analyzed
Published: 2025-06-26T10:15:24.703
Modified: 2025-09-05T15:20:25.690
Link: CVE-2024-11584
Redhat