CVE-2021-3622
23.12.2021, 21:15
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file, which would cause hivex to recursively call the _get_children() function, leading to a stack overflow. The highest threat from this vulnerability is to system availability.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| redhat | hivex | 𝑥 < 1.3.21 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux | 8.0 |
| redhat | enterprise_linux | 8.0 |
| redhat | enterprise_linux_workstation | 7.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| hivex-devel |
| ||||||||||||||||||||||||||||||||||||||||||
| libhivex0 |
| ||||||||||||||||||||||||||||||||||||||||||
| ocaml-hivex |
| ||||||||||||||||||||||||||||||||||||||||||
| ocaml-hivex-devel |
| ||||||||||||||||||||||||||||||||||||||||||
| perl-Win-Hivex |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||
|---|---|---|---|
| hivex |
| ||
| hivex-devel |
| ||
| ocaml-hivex |
| ||
| ocaml-hivex-devel |
| ||
| perl-hivex |
| ||
| python-hivex |
| ||
| ruby-hivex |
|
References