USN-6042-2

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/notices/USN-6042-2

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6042-2.json

JSON Data

https://api.osv.dev/v1/vulns/USN-6042-2

Published

2023-05-23T13:40:50Z

Modified

2026-02-10T04:43:06Z

Summary

cloud-init regression

Details

USN-6042-1 fixed a vulnerability in Cloud-init. The update introduced a regression on Ubuntu 20.04 LTS resulting in a possible loss of networking. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

James Golovich discovered that sensitive data could be exposed in logs. An attacker could use this information to find hashed passwords and possibly escalate their privilege.

References

Affected packages

Ubuntu:20.04:LTS / cloud-init

Package

Name: cloud-init
Purl: pkg:deb/ubuntu/cloud-init@23.1.2-0ubuntu0~20.04.2?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

23.1.2-0ubuntu0~20.04.2

Affected versions

19.*

19.2-36-g059d049c-0ubuntu3

19.2-78-ge8138959-0ubuntu1

19.3-0ubuntu1

19.3-23-gfb04493e-0ubuntu1

19.3-30-g4bc399e0-0ubuntu1

19.3-40-gf69d33a7-0ubuntu1

19.3-41-gc4735dd3-0ubuntu1

19.3-74-g129b1c4e-0ubuntu1

19.4-1-g8c96cbc1-0ubuntu1

19.4-16-gf8950d63-0ubuntu1

19.4-31-g3f6192b3-0ubuntu1

19.4-33-gbb4131a2-0ubuntu1

19.4-56-g06e324ff-0ubuntu1

20.*

20.1-0ubuntu1

20.1-5-g67c8e53c-0ubuntu1

20.1-9-g1f860e5a-0ubuntu1

20.1-10-g71af48df-0ubuntu1

20.1-10-g71af48df-0ubuntu2

20.1-10-g71af48df-0ubuntu3

20.1-10-g71af48df-0ubuntu5

20.2-45-g5f7825e2-0ubuntu1~20.04.1

20.3-2-g371b392c-0ubuntu1~20.04.1

20.4-0ubuntu1~20.04.1

20.4-0ubuntu1~20.04.2

20.4.1-0ubuntu1~20.04.1

21.*

21.1-19-gbad84ad4-0ubuntu1~20.04.1

21.1-19-gbad84ad4-0ubuntu1~20.04.2

21.2-3-g899bfaa9-0ubuntu2~20.04.1

21.3-1-g6803368d-0ubuntu1~20.04.3

21.3-1-g6803368d-0ubuntu1~20.04.4

21.4-0ubuntu1~20.04.1

22.*

22.1-14-g2e17a0d6-0ubuntu1~20.04.2

22.1-14-g2e17a0d6-0ubuntu1~20.04.3

22.2-0ubuntu1~20.04.1

22.2-0ubuntu1~20.04.2

22.2-0ubuntu1~20.04.3

22.3.4-0ubuntu1~20.04.1

22.4.2-0ubuntu0~20.04.1

22.4.2-0ubuntu0~20.04.2

23.*

23.1.1-0ubuntu0~20.04.1

23.1.2-0ubuntu0~20.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "23.1.2-0ubuntu0~20.04.2",
            "binary_name": "cloud-init"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6042-2.json"

cves_map

{
    "ecosystem": "Ubuntu:20.04:LTS",
    "cves": []
}