Oddbloke

**Name of the Vulnerable Software and Affected Versions** cloud-init versions prior to 21.2 cloud-init versions prior to 21.1.19 **Description** When instructing cloud-init to set a random password for a new user account, the password would be written to the world-readable log file /var/log/cloud-init-output.log. This could allow a local user to log in as another user. **Recommendations** For versions prior to 21.2, update to version 21.2 or later to resolve the issue. For versions prior to 21.1.19, update to version 21.1.19 or later to resolve the issue. As a temporary workaround, consider restricting access to the /var/log/cloud-init-output.log file to minimize the risk of exploitation.