Canonical Cloud-Init Hotplug Socket World-Writable Vulnerability

Vulnerability

A vulnerability in Canonical Cloud-Init versions through 25.1.2 leaves the 'cloud-init-hotplugd.socket' systemd socket unit world-writable. The default 'SocketMode' grants 0666 permissions, which an unprivileged user could exploit to trigger hotplug-hook commands. The vulnerability arises because the socket listens on a FIFO file that any user can manipulate.

Impact

Exploitation of this vulnerability could allow an unprivileged user to execute hotplug-hook commands, potentially leading to unauthorized actions or changes in the system's state.

Remediation

Users can upgrade to Cloud-Init version 25.1.3, where this vulnerability has been addressed. Instructions for downloading this version are available on the Cloud-Init GitHub releases page.
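
To confirm whether a host is still exposed, the following added example (not code from the Cloud-Init project) reads a socket unit's text, for instance saved from `systemctl cat cloud-init-hotplugd.socket`, and reports the effective SocketMode; it can also check the permissions of a FIFO on disk. The sample units, the FIFO path in them and the 0600 value are constructed for illustration and are not taken from the 25.1.3 fix.

```shell
#!/bin/sh
# Added example (not from the cloud-init project): audit a .socket unit's SocketMode.
# Feed it unit text, e.g. saved from: systemctl cat cloud-init-hotplugd.socket

# Print the effective SocketMode. The last assignment wins (drop-ins come later
# in `systemctl cat` output); with no assignment systemd falls back to 0666.
effective_socket_mode() {
    mode=$(sed -n 's/^[[:space:]]*SocketMode[[:space:]]*=[[:space:]]*\([0-7]\{3,4\}\)[[:space:]]*$/\1/p' "$1" | tail -n 1)
    printf '%s\n' "${mode:-0666}"
}

# Succeed when the effective mode gives "other" the write bit (last digit 2, 3, 6 or 7).
unit_is_world_writable() {
    case "$(effective_socket_mode "$1")" in
        *[2367]) return 0 ;;
        *) return 1 ;;
    esac
}

# Succeed when the given path is an existing FIFO that any user can write to.
fifo_is_world_writable() {
    [ -p "$1" ] && [ -n "$(find "$1" -prune -perm -0002)" ]
}

# Constructed sample units; the FIFO path is a placeholder, not the real one,
# and 0600 is an assumed restrictive value chosen for the comparison.
tmp=$(mktemp -d)
cat > "$tmp/weak.socket" <<'EOF'
[Socket]
ListenFIFO=/run/example/placeholder-fifo
EOF
cat > "$tmp/fixed.socket" <<'EOF'
[Socket]
ListenFIFO=/run/example/placeholder-fifo
SocketMode=0600
EOF

for unit in "$tmp/weak.socket" "$tmp/fixed.socket"; do
    if unit_is_world_writable "$unit"; then verdict="world-writable"; else verdict="restricted"; fi
    printf '%s: SocketMode %s (%s)\n' "${unit##*/}" "$(effective_socket_mode "$unit")" "$verdict"
done
```

On a live system, pass the path from the unit's ListenFIFO= line to fifo_is_world_writable to check the file that was actually created.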

Added: Jun 26, 2025, 10:23 AM
Updated: Jun 26, 2025, 10:23 AM

Vulnerability Rating

Custom Algorithm
spread: 6.6
impact: 7.5
exploitability: 5.3
remediation: 7.7
relevance: 0.2
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.