Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

SLES 15.2
shell weakness #10

Weakness Breakdown

Definition:

A shell weakness occurs when a program enables an attacker to execute unexpected commands on the operating system.

Warning code(s):

This causes a new program to execute and is difficult to use safely.

File Name:

libvpd-2.2.6/src/system_c.c

Context:

The highlighted line of code below is the trigger point of this particular SLES 15.2 shell weakness.

 *                                                                         *
 *   This program is free software; you can redistribute it and/or modify  *
 *   it under the terms of the Lesser GNU General Public License as        *
 *   published by the Free Software Foundation; either version 2.1 of the  *
 *   License, or at your option) any later version.                        *
 *                                                                         *
 *   This program is distributed in the hope that it will be useful,       *
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of        *
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the         *
 *   GNU Lesser General Public License for more details.                   *
 *                                                                         *
 *   You should have received a copy of the Lesser GNU General Public      *
 *   License along with this program; if not, write to the                 *
 *   Free Software Foundation, Inc.,                                       *
 *   59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.             *
 ***************************************************************************/

#include <libvpd-2/system.h>
#include <stdlib.h>
#include <string.h>
#include <netinet/in.h>

struct system * new_system( int init )
{
	struct system *ret;

	ret = calloc( 1, sizeof( struct system ) );
	if( !ret )
		return NULL;

	if( init )
	{
		ret->id = new_dataitem( );
		if( !ret->id )
			goto newsyserr;
		ret->id->dataValue = strdup( SYS_ID );

		ret->description = new_dataitem( );
		if( !ret->description )
			goto newsyserr;
		ret->description->ac = strdup( "DS" );
		ret->description->humanName = strdup( "Description" );

		ret->description = new_dataitem( );
		if( !ret->description )
			goto newsyserr;
		ret->description->ac = strdup( "BR" );
		ret->description->humanName = strdup( "Brand Keyword" );

		ret->description = new_dataitem( );
