Mageia: 2021-0320 Moderate: Hivex Bounds Check Issue Threat

mageia

July 8, 2021

A flaw was found in the hivex library

Summary

A flaw was found in the hivex library. It is caused due to a lack of bounds check within the hivex_open function. An attacker could input a specially crafted Windows Registry (hive) file which would cause hivex to read memory beyond its normal bounds or cause the program to crash. The highest threat from this vulnerability is to system availability (CVE-2021-3504).

References

- https://bugs.mageia.org/show_bug.cgi?id=28925

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/A5BNKNVYFL36P2GBEB5O36LHFRYU575H/

- https://www.cve.org/CVERecord?id=CVE-2021-3504

Topics Covered

security advisory moderate threat hivex mageia system availability bounds check

Resolution

SRPMS

- 7/core/hivex-1.3.20-1.mga7

- 8/core/hivex-1.3.20-1.mga8

Publication date: 08 Jul 2021

URL: https://advisories.mageia.org/MGASA-2021-0320.html

Type: security

CVE: CVE-2021-3504

Topics Covered

security advisory moderate threat hivex mageia system availability bounds check

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia: 2021-0320 Moderate: Hivex Bounds Check Issue Threat

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia: 2021-0320 Moderate: Hivex Bounds Check Issue Threat

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!