We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Vulnerable juju hook tool abstract UNIX domain socket. When combined with an attack of JUJU_CONTEXT_ID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform actions that are normally reserved to a juju charm.
Reserved 2024-08-21 | Published 2024-10-02 | Updated 2024-11-01 | Assigner canonicalPedro Guimaraes
Harry Pidcock
Mark Esler
github.com/juju/juju/security/advisories/GHSA-8v4w-f4r9-7h6x
www.cve.org/CVERecord?id=CVE-2024-8037
Support options