Name of the Vulnerable Software and Affected Versions: cloud-init versions above 19.2

Description: The issue affects cloud instances that rely on special scripts to run during initialization, including retrieving and installing SSH keys and running user scripts. A problem occurs when configuring static and default routes to the same destination IP, causing route configuration failures. Additionally, the cloud-init service may fail to start after a package update.

Recommendations: For versions above 19.2, consider temporarily disabling the route configuration feature until a patch is available. As a temporary workaround, restrict the use of the cloud-init service to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.