Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

rhel 6
obsolete weakness #284


Weakness Breakdown


An obsolete weakness occurs when someone uses deprecated or obsolete functions when building a system. As a programming language evolves, some functions occasionally become obsolete.

Warning code(s):

This C routine is considered obsolete.

File Name:



The highlighted line of code below is the trigger point of this particular Red Hat Enterprise Linux 6 obsolete weakness.


 * I'd rather have these wait macros be inline, but S3 has made it 
 * darned near impossible.  The bit fields are in a different place in
 * all three families, the status register has a different address in the
 * three families, and even the idle vs busy sense flipped in the Sav2K.

static void
ResetBCI2K( SavagePtr psav )
    CARD32 cob = INREG( 0x48c18 );
    /* if BCI is enabled and BCI is busy... */

	(cob & 0x00000008) &&
	! (ALT_STATUS_WORD0 & 0x00200000)
	ErrorF( "Resetting BCI, stat = %08lx...\n",
		(unsigned long) ALT_STATUS_WORD0);
	/* Turn off BCI */
	OUTREG( 0x48c18, cob & ~8 );
	/* Turn it back on */
	OUTREG( 0x48c18, cob );

static Bool
ShadowWait( SavagePtr psav )
    int loop = 0;

    if( !psav->NoPCIRetry )
	return 0;

    psav->ShadowCounter = (psav->ShadowCounter + 1) & 0xffff;
    if (psav->ShadowCounter == 0)
	psav->ShadowCounter++; /* 0 is reserved for the BIOS
				  to avoid confusion in the DRM */
    BCI_SEND( psav->dwBCIWait2DIdle );
    BCI_SEND( 0x98000000 + psav->ShadowCounter );

	(int)(psav->ShadowVirtual[psav->eventStatusReg] & 0xffff) !=
	psav->ShadowCounter && (loop++ < MAXLOOP) 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.