Skip to main content

Ubuntu CVE-2024-11584

| EUVDEUVD-2024-54980 MEDIUM
Incorrect Permission Assignment for Critical Resource (CWE-732)
2025-06-26 security@ubuntu.com
5.9
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.9 MEDIUM
AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Ubuntu
MEDIUM
qualitative
SUSE
MEDIUM
qualitative
Red Hat
5.9 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

4
EUVD ID Assigned
Mar 15, 2026 - 23:54 euvd
EUVD-2024-54980
Analysis Generated
Mar 15, 2026 - 23:54 vuln.today
Patch released
Mar 15, 2026 - 23:54 nvd
Patch available
CVE Published
Jun 26, 2025 - 10:15 nvd
MEDIUM 5.9

DescriptionCVE.org

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands.

Analysis

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands.

Technical ContextAI

This vulnerability is classified as Incorrect Permission Assignment for Critical Resource (CWE-732).

RemediationAI

A vendor patch is available. Apply it as soon as possible and verify the fix.

Vendor StatusVendor

Ubuntu

Priority: Medium
cloud-init
Release Status Version
xenial not-affected -
upstream released 25.1.3
trusty DNE -
oracular ignored end of life, was needed
bionic released 23.1.2-0ubuntu0~18.04.1+esm1
focal released 24.4.1-0ubuntu0~20.04.3+esm1
jammy released 25.1.4-0ubuntu0~22.04.1
noble released 25.1.4-0ubuntu0~24.04.1
plucky released 25.1.4-0ubuntu0~25.04.1

Debian

Bug #1108402
cloud-init
Release Status Fixed Version Urgency
bullseye vulnerable 20.4.1-2+deb11u1 -
bookworm fixed 22.4.2-1+deb12u3 -
trixie fixed 25.1.4-1+deb13u1 -
forky, sid fixed 25.3-2 -
(unstable) fixed 25.1.4-1 -

SUSE

Severity: Medium
Product Status
Image SL-Micro-Azure Image SL-Micro-BYOS-Azure Image SL-Micro-BYOS-EC2 Image SL-Micro-EC2 Image SUSE-Multi-Linux-Manager-Proxy-BYOS-Azure Image SUSE-Multi-Linux-Manager-Proxy-BYOS-EC2 Image SUSE-Multi-Linux-Manager-Server-Azure-llc Image SUSE-Multi-Linux-Manager-Server-Azure-ltd Image SUSE-Multi-Linux-Manager-Server-BYOS-Azure Image SUSE-Multi-Linux-Manager-Server-BYOS-EC2 Image SUSE-Multi-Linux-Manager-Server-EC2-llc Image SUSE-Multi-Linux-Manager-Server-EC2-ltd Affected
Image SLES-Azure-3P Image SLES-Azure-Basic Image SLES-Azure-Standard Image SLES-BYOS-Azure Image SLES-BYOS-EC2 Image SLES-CHOST-BYOS-Aliyun Image SLES-CHOST-BYOS-Azure Image SLES-CHOST-BYOS-EC2 Image SLES-CHOST-BYOS-GDC Image SLES-CHOST-BYOS-SAP-CCloud Image SLES-EC2 Image SLES-Hardened-BYOS-Azure Image SLES-Hardened-BYOS-EC2 Image SLES-SAP-Azure Image SLES-SAP-Azure-3P Image SLES-SAP-BYOS-Azure Image SLES-SAP-BYOS-EC2 Image SLES-SAPCAL-Azure Image SLES-SAPCAL-EC2 Affected
SUSE Linux Enterprise Server 16.0 Fixed
SUSE Linux Enterprise Server for SAP applications 16.0 Fixed
SUSE Linux Micro 6.0 Fixed

Share

CVE-2024-11584 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy