CVE-2024-6174

Published June 26th, 2025

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.

canonical/cloud-init

Official upstream for the cloud-init: cloud instance initialization

GitHub

3.71K