Mitigate Baron Samedit (CVE-2021-3156) vulnerability

RHEL 6
shell weakness #5


Weakness Breakdown


A shell weakness occurs when a program enables an attacker to execute unexpected commands on the operating system.

Warning code(s):

This causes a new program to execute and is difficult to use safely.

File Name:



The highlighted line of code below (the execl() call that launches /bin/mount) is the trigger point of this particular Red Hat Enterprise Linux 6 shell weakness.

	/* The excerpt starts inside the helper that runs /bin/mount; the
	 * declarations of res, status, blockmask and oldmask precede this
	 * window. Braces, comment delimiters and the out_restore label that
	 * the page rendering dropped are restored here. */
	sigaddset(&blockmask, SIGCHLD);
	res = sigprocmask(SIG_BLOCK, &blockmask, &oldmask);
	if (res == -1) {
		fprintf(stderr, "%s: sigprocmask: %s\n", progname, strerror(errno));
		return -1;
	}

	res = fork();
	if (res == -1) {
		fprintf(stderr, "%s: fork: %s\n", progname, strerror(errno));
		goto out_restore;
	}
	if (res == 0) {
		/*
		 * Hide output, because old versions don't support
		 * --no-canonicalize
		 */
		int fd = open("/dev/null", O_RDONLY);
		dup2(fd, 1);
		dup2(fd, 2);

		sigprocmask(SIG_SETMASK, &oldmask, NULL);
		/* Flagged call: a new program (/bin/mount) is executed with the
		 * caller-supplied type, opts, fsname and mnt as its arguments. */
		execl("/bin/mount", "/bin/mount", "--no-canonicalize", "-i",
		      "-f", "-t", type, "-o", opts, fsname, mnt, NULL);
		fprintf(stderr, "%s: failed to execute /bin/mount: %s\n",
			progname, strerror(errno));
		/* exec failed: the child must terminate here rather than fall
		 * through into the parent's waitpid() path below. */
		exit(1);
	}
	res = waitpid(res, &status, 0);
	if (res == -1)
		fprintf(stderr, "%s: waitpid: %s\n", progname, strerror(errno));

	if (status != 0)
		res = -1;

 out_restore:
	sigprocmask(SIG_SETMASK, &oldmask, NULL);

	return res;
}

int fuse_mnt_add_mount(const char *progname, const char *fsname,
		       const char *mnt, const char *type, const char *opts)
{
	int res;

	if (!mtab_needs_update(mnt))
		return 0;
