What's new

Merlin should patch this sudo linux vulnerability asap!

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

lermy3d

New Around Here
"A flaw was found in sudo."
https://access.redhat.com/security/cve/CVE-2021-3156

The redhat team has discovered and have already patched their sudo package of their products, the risk of having this issue hanging around in all linux routers is too high! Since:
"Successful exploitation of this flaw could lead to privilege escalation."

Any chance we can get this patched before the current beta is released?
 
And even if it did, you'd need a local session (i.e. ssh into the router) to be able to exploit it. Which, seems unlikely to be a risk given that if you can ssh into the router, you've an admin already ;)
 
But, I wanted to be sure I was ribbing you. ;)
 
The redhat team has discovered and have already patched their sudo package of their products, the risk of having this issue hanging around in all linux routers is too high! Since:
"Successful exploitation of this flaw could lead to privilege escalation."

Most consumer routers don't have sudo (or the full gnu userland tools).

More of a concern with folks that use things like RPi or similar that are debian based, and there, fix is pretty much in for Raspbian and Armbian...
 
Most consumer routers don't have sudo (or the full gnu userland tools).

More of a concern with folks that use things like RPi or similar that are debian based, and there, fix is pretty much in for Raspbian and Armbian...

Yep got my RPIs “sudo” updated yesterday.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top