Update Feb 3, 2021: It has been reported that macOS, AIX, and Solaris are also vulnerable to CVE-2021-3156, and that others may also still be vulnerable. Qualys has not independently verified the…
Just came across this new vulnerability but couldn't find a discussion here. I have tried sudoedit -s / to check this on a random cPanel server with CentOS 7 and it does seem to show the vulnerability as mentioned in the FAQ there:
[email protected] [~]# sudoedit -s /
sudoedit: effective uid is not 0, is /usr/bin/sudoedit on a file system with the 'nosuid' option set or an NFS file system without root privileges?
Last edited by a moderator: