CVE-2012-6639

Published: 25 November 2019

An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.

Priority

Low

CVSS 3 base score: 8.8

Status

Package Release Status
cloud-init
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected)
Patches:
Upstream: http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/revision/635