Merlin should patch this sudo linux vulnerability asap!

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

lermy3d

New Around Here
"A flaw was found in sudo."
https://access.redhat.com/security/cve/CVE-2021-3156

The redhat team has discovered and have already patched their sudo package of their products, the risk of having this issue hanging around in all linux routers is too high! Since:
"Successful exploitation of this flaw could lead to privilege escalation."

Any chance we can get this patched before the current beta is released?
 

cptnoblivious

Regular Contributor
And even if it did, you'd need a local session (i.e. ssh into the router) to be able to exploit it. Which, seems unlikely to be a risk given that if you can ssh into the router, you've an admin already ;)
 

L&LD

Part of the Furniture

L&LD

Part of the Furniture
But, I wanted to be sure I was ribbing you. ;)
 

sfx2000

Part of the Furniture
The redhat team has discovered and have already patched their sudo package of their products, the risk of having this issue hanging around in all linux routers is too high! Since:
"Successful exploitation of this flaw could lead to privilege escalation."

Most consumer routers don't have sudo (or the full gnu userland tools).

More of a concern with folks that use things like RPi or similar that are debian based, and there, fix is pretty much in for Raspbian and Armbian...
 

Marin

Very Senior Member
Most consumer routers don't have sudo (or the full gnu userland tools).

More of a concern with folks that use things like RPi or similar that are debian based, and there, fix is pretty much in for Raspbian and Armbian...

Yep got my RPIs “sudo” updated yesterday.
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top