Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2025-10848

Опубликовано: 14 июл. 2025
Источник: oracle-oval
Платформа: Oracle Linux 9

Описание

ELSA-2025-10848: cloud-init security update (IMPORTANT)

[24.4-4.0.1.el9_6.3]

  • Fix Oracle Datasource network and getdata methods for OCI OL [Orabug: 35950168]
  • Fix log file permission [Orabug: 35302969]
  • Update detection logic for OL distros in config template [Orabug: 34845400]
  • Added missing services in rhel/systemd/cloud-init.service [Orabug: 32183938]
  • Added missing services in cloud-init.service.tmpl for sshd [Orabug: 32183938]
  • Forward port applicable cloud-init 18.4-2.0.3 changes to cloud-init-18-5 [Orabug: 30435672]
  • limit permissions [Orabug: 31352433]
  • Changes to ignore all enslaved interfaces [Orabug: 30092148]
  • Make Oracle datasource detect dracut based config files [Orabug: 29956753]
  • add modified version of enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch:
    1. Enable ec2_utils.py having a way to stop retrying to get ec2 metadata
    2. Apply stop retrying to get ec2 metadata to helper/openstack.py MetadataReader Resolves: Oracle-Bug:41660 (Bugzilla)
  • added OL to list of known distros Resolves: rhbz#1427280 Resolves: rhbz#1427280

[24.4-4.el9_6.3]

  • ci-fix-Don-t-attempt-to-identify-non-x86-OpenStack-inst.patch [RHEL-100611]
  • ci-fix-strict-disable-in-ds-identify-on-no-datasources-.patch [RHEL-100611]
  • Resolves: RHEL-100611 (CVE-2024-6174 cloud-init: From CVEorg collector [rhel-9.6.z])

[24.4-4.el9_6.2]

  • Adding missed fix 'Retain exit code in cloud-init status for recoverable errors'
  • Resolves: RHEL-101693

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

cloud-init

24.4-4.0.1.el9_6.3

Oracle Linux x86_64

cloud-init

24.4-4.0.1.el9_6.3

Связанные CVE

Связанные уязвимости

CVSS3: 8.8
ubuntu
около 2 месяцев назад

When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.

CVSS3: 8.8
redhat
около 2 месяцев назад

When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.

CVSS3: 8.8
nvd
около 2 месяцев назад

When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.

CVSS3: 8.8
msrc
около 1 месяца назад

Описание отсутствует

CVSS3: 8.8
debian
около 2 месяцев назад

When a non-x86 platform is detected, cloud-init grants root access to ...