Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

centos 7
misc weakness #407


Weakness Breakdown


The software specifies permissions for a security-critical resource in a way that allows the resource to be read or modified by unintended actors.

Warning code(s):

It's often easy to fool getlogin. Sometimes it does not work at all, because some program messed up the utmp file. Often, it gives only the first 8 characters of the login name. The user currently logged in on the controlling tty of our program need not be the user who started it. Avoid getlogin.

File Name:



The highlighted line of code below is the trigger point of this particular Centos 7 misc weakness.

    if (salvo || blitz || closepack)
	(void) printw("Playing optional game (");
	if (salvo)
	    (void) printw("salvo, ");
	    (void) printw("nosalvo, ");
	if (blitz)
	    (void) printw("blitz ");
	    (void) printw("noblitz, ");
	if (closepack)
	    (void) printw("closepack)");
	    (void) printw("noclosepack)");
	(void) printw(
	"Playing standard game (noblitz, nosalvo, noclosepack)");

static void intro(void)
    extern char *getlogin(void);
    char *tmpname;

    srand((unsigned)(time(0L)+getpid()));	/* Kick the random number generator */

    (void) signal(SIGINT,uninitgame);
    (void) signal(SIGINT,uninitgame);
    (void) signal(SIGIOT,uninitgame);		/* for assert(3) */
    if(signal(SIGQUIT,SIG_IGN) != SIG_IGN)

    if((tmpname = getlogin()) != 0)
	name[0] = toupper(name[0]);

#ifdef KEY_MIN
    keypad(stdscr, TRUE);
#endif /* KEY_MIN */

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.