Regarding CVE-2021-3156
Incident Report for Liquid Web - Services
Resolved
Our teams have resolved this sudo vulnerability across our systems. Please reach out if you have any questions.
Posted Feb 19, 2021 - 08:31 CST
Update
Patching is in progress. Additional information will be provided as it becomes available.
Posted Jan 28, 2021 - 01:07 CST
Identified
We are aware of a recently discovered Linux exploit regarding the sudo package. While this is a serious security issue that was discovered, our team is monitoring the situation very closely with the linux software providers. Automatic updates are enabled by default, if your system has not been modified to change this behavior, the new version of the sudo package will be automatically installed soon after it has been released upstream.

More technical information can be found here:
https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit

If you have any questions or concerns, please contact a member of our support team via live-chat, ticket (support@liquidweb.com), or by phone at (800)-580-4985, (517)-322-0434 (international).
Posted Jan 26, 2021 - 20:16 CST