Описание
When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.
An access permissions flaw was found in cloud-init. When a non-x86 platform is detected, cloud-init grants root access to a hardcoded URL with a local IP address, which creates a security exposure.
Отчет
This vulnerability is Important rather than Moderate because it directly impacts the security boundary between a system’s local environment and potentially untrusted network metadata sources. On non-x86 platforms, the fallback to platform enumeration with default datasource scanning could allow cloud-init to treat a malicious or spoofed local metadata service as authoritative, granting root-level execution of arbitrary user-data or scripts during early boot. Since cloud-init runs before most security controls are active, exploitation would provide persistent and unrestricted system compromise with no user interaction.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | cloud-init | Out of support scope | ||
| Red Hat Enterprise Linux 10 | cloud-init | Fixed | RHSA-2025:10844 | 14.07.2025 |
| Red Hat Enterprise Linux 8 | cloud-init | Fixed | RHSA-2025:11324 | 16.07.2025 |
| Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | cloud-init | Fixed | RHSA-2025:11337 | 16.07.2025 |
| Red Hat Enterprise Linux 8.6 Telecommunications Update Service | cloud-init | Fixed | RHSA-2025:11337 | 16.07.2025 |
| Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | cloud-init | Fixed | RHSA-2025:11337 | 16.07.2025 |
| Red Hat Enterprise Linux 8.8 Telecommunications Update Service | cloud-init | Fixed | RHSA-2025:11339 | 16.07.2025 |
| Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | cloud-init | Fixed | RHSA-2025:11339 | 16.07.2025 |
| Red Hat Enterprise Linux 9 | cloud-init | Fixed | RHSA-2025:10848 | 14.07.2025 |
| Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | cloud-init | Fixed | RHSA-2025:11295 | 16.07.2025 |
Показывать по
Дополнительная информация
Статус:
8.8 High
CVSS3
Связанные уязвимости
When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.
When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.
When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.
When a non-x86 platform is detected, cloud-init grants root access to ...
When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.
8.8 High
CVSS3