
rhel 7
shell weakness #13

4

Weakness Breakdown


Definition:

A shell weakness occurs when a program enables an attacker to execute unexpected commands on the operating system.

Warning code(s):

This causes a new program to execute and is difficult to use safely.

File Name:

gnome-session-3.28.1/gnome-session/gsm-system.c

Context:

The highlighted line of code below is the trigger point of this particular Red Hat Enterprise Linux 7 shell weakness.

void
gsm_system_suspend (GsmSystem *system)
{
        GSM_SYSTEM_GET_IFACE (system)->suspend (system);
}

void
gsm_system_hibernate (GsmSystem *system)
{
        GSM_SYSTEM_GET_IFACE (system)->hibernate (system);
}

void
gsm_system_set_session_idle (GsmSystem *system,
                             gboolean   is_idle)
{
        GSM_SYSTEM_GET_IFACE (system)->set_session_idle (system, is_idle);
}

void
gsm_system_add_inhibitor (GsmSystem        *system,
                          const gchar      *id,
                          GsmInhibitorFlag  flag)
{
        GSM_SYSTEM_GET_IFACE (system)->add_inhibitor (system, id, flag);
}

void
gsm_system_remove_inhibitor (GsmSystem   *system,
                             const gchar *id)
{
        GSM_SYSTEM_GET_IFACE (system)->remove_inhibitor (system, id);
}

gboolean
gsm_system_is_login_session (GsmSystem *system)
{
        return GSM_SYSTEM_GET_IFACE (system)->is_login_session (system);
}

gboolean
gsm_system_is_last_session_for_user (GsmSystem *system)
{
        return GSM_SYSTEM_GET_IFACE (system)->is_last_session_for_user (system);
}

/**
 * gsm_system_is_active:
 *
 * Returns: %TRUE if the current session is in the foreground 
