alt Hacker NewsI would worry less about big shared hosting providers, who have a strong interest in patching their stuff quickly, than the market of people who get one or two dedicated servers or KVM VMs and then install cpanel on them and for the rest of the time they use it, ignore the CLI of the servers and never patch anything. There's a lot of small users of cpanel that have just a few licenses.
You misunderstood the scope and severity of the bug entirely.
Yes, if you are a single tenant, this diminishes defense in depth, so an attacker that gets access with a user like www-data can escalate to root, sure.
But more importantly, on multi-tenant systems, one tenant can get root and pwn all the other tenants.
Big shared hosting providers are the most vulnerable, 'just patching' stuff might work sure, but there's several scenarios where it might not be enough, like lightning striking twice as it just happened. Or an attacker getting in before the patch.