Ubuntu Security Notice 6042-2 - USN-6042-1 fixed a vulnerability in Cloud-init. The update introduced a regression on Ubuntu 20.04 LTS resulting in a possible loss of networking. This update fixes the problem. James Golovich discovered that sensitive data could be exposed in logs. An attacker could use this information to find hashed passwords and possibly escalate their privilege.
bd9d029d71c12c48e74d69927fca0cae93e4e48cbf1d15f31294447890f6d2ba==========================================================================
Ubuntu Security Notice USN-6042-2
May 23, 2023
cloud-init regression
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
USN-6042-1 introduced a regression in Cloud-init.
Software Description:
- cloud-init: initialization and customization tool for cloud instances
Details:
USN-6042-1 fixed a vulnerability in Cloud-init. The update introduced a
regression on Ubuntu 20.04 LTS resulting in a possible loss of networking.
This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
James Golovich discovered that sensitive data could be exposed in logs. An
attacker could use this information to find hashed passwords and possibly
escalate their privilege.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS:
cloud-init 23.1.2-0ubuntu0~20.04.2
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6042-2
https://ubuntu.com/security/notices/USN-6042-1
https://launchpad.net/bugs/2020375
Package Information:
https://launchpad.net/ubuntu/+source/cloud-init/23.1.2-0ubuntu0~20.04.2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed