Issued:
2021-08-31
Updated:
2021-08-31

RHSA-2021:3338 - Security Advisory

Synopsis

Low: hivex security update

Type/Severity

Security Advisory: Low

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for hivex is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Hivex is a library that can read and write Hive files, undocumented binary files that Windows uses to store the Windows Registry on disk.

Security Fix(es):

  • hivex: stack overflow due to recursive call of _get_children() (CVE-2021-3622)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

  • BZ - 1975489 - CVE-2021-3622 hivex: stack overflow due to recursive call of _get_children()

Red Hat Enterprise Linux Server 7

SRPM
hivex-1.3.10-6.12.el7_9.src.rpm SHA-256: fd491d72bb1fac07f261c97fb71830aecfcc0eb2c4d216c8ee89ff57f1110269
x86_64
hivex-1.3.10-6.12.el7_9.i686.rpm SHA-256: 4117950a597f7cdf58d698ffe60e71bbe82e2ee9b9b8701256d2b753b008fd49
hivex-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: 04492b7b00f94702f343f9257dcccb106072704a825444b2f11d22e3e3f9cbde
hivex-debuginfo-1.3.10-6.12.el7_9.i686.rpm SHA-256: ed6e05b9a0bc986d38ae06d55704ef6d6bae1f625c2c7ae61c65d9d0f662a9b6
hivex-debuginfo-1.3.10-6.12.el7_9.i686.rpm SHA-256: ed6e05b9a0bc986d38ae06d55704ef6d6bae1f625c2c7ae61c65d9d0f662a9b6
hivex-debuginfo-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: 0733a0f3c4eec176b4d42c241bf7e79938c3577aa161d31ad27c176b538d7793
hivex-debuginfo-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: 0733a0f3c4eec176b4d42c241bf7e79938c3577aa161d31ad27c176b538d7793
hivex-devel-1.3.10-6.12.el7_9.i686.rpm SHA-256: c75af4e41b08665e4b11b866aeeb7a5fb85085bac152c24e2ccdafb0c3cb82f6
hivex-devel-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: c87a6f73e9d14d8cade5bcdac4437780fb2e34b57dec4daf7119f3618b0999c2
ocaml-hivex-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: b85cf0124230e1fcec73e85feaa7068466084abedafbd11ef6838c0a54e6e463
ocaml-hivex-devel-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: c53740cde8813a20026989a44ca3e54ae384f63bd4bb386c7c5af22238881fbc
perl-hivex-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: 543239bfa5b5cea0022d10b14749865b7d7c71a17bc2f5c4395c42fb5c653924
python-hivex-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: afdcae959326b0400f183c342f2b7d089175fa695abeea4e665fc6107ba74a51
ruby-hivex-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: 6738cf81c4fb3f77b7b37c1f007746a3e451cd8039eb2b5c13fae3912002ce42

Red Hat Enterprise Linux Workstation 7

SRPM
hivex-1.3.10-6.12.el7_9.src.rpm SHA-256: fd491d72bb1fac07f261c97fb71830aecfcc0eb2c4d216c8ee89ff57f1110269
x86_64
hivex-1.3.10-6.12.el7_9.i686.rpm SHA-256: 4117950a597f7cdf58d698ffe60e71bbe82e2ee9b9b8701256d2b753b008fd49
hivex-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: 04492b7b00f94702f343f9257dcccb106072704a825444b2f11d22e3e3f9cbde
hivex-debuginfo-1.3.10-6.12.el7_9.i686.rpm SHA-256: ed6e05b9a0bc986d38ae06d55704ef6d6bae1f625c2c7ae61c65d9d0f662a9b6
hivex-debuginfo-1.3.10-6.12.el7_9.i686.rpm SHA-256: ed6e05b9a0bc986d38ae06d55704ef6d6bae1f625c2c7ae61c65d9d0f662a9b6
hivex-debuginfo-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: 0733a0f3c4eec176b4d42c241bf7e79938c3577aa161d31ad27c176b538d7793
hivex-debuginfo-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: 0733a0f3c4eec176b4d42c241bf7e79938c3577aa161d31ad27c176b538d7793
hivex-devel-1.3.10-6.12.el7_9.i686.rpm SHA-256: c75af4e41b08665e4b11b866aeeb7a5fb85085bac152c24e2ccdafb0c3cb82f6
hivex-devel-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: c87a6f73e9d14d8cade5bcdac4437780fb2e34b57dec4daf7119f3618b0999c2
ocaml-hivex-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: b85cf0124230e1fcec73e85feaa7068466084abedafbd11ef6838c0a54e6e463
ocaml-hivex-devel-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: c53740cde8813a20026989a44ca3e54ae384f63bd4bb386c7c5af22238881fbc
perl-hivex-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: 543239bfa5b5cea0022d10b14749865b7d7c71a17bc2f5c4395c42fb5c653924
python-hivex-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: afdcae959326b0400f183c342f2b7d089175fa695abeea4e665fc6107ba74a51
ruby-hivex-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: 6738cf81c4fb3f77b7b37c1f007746a3e451cd8039eb2b5c13fae3912002ce42

Red Hat Enterprise Linux Desktop 7

SRPM
hivex-1.3.10-6.12.el7_9.src.rpm SHA-256: fd491d72bb1fac07f261c97fb71830aecfcc0eb2c4d216c8ee89ff57f1110269
x86_64
hivex-1.3.10-6.12.el7_9.i686.rpm SHA-256: 4117950a597f7cdf58d698ffe60e71bbe82e2ee9b9b8701256d2b753b008fd49
hivex-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: 04492b7b00f94702f343f9257dcccb106072704a825444b2f11d22e3e3f9cbde
hivex-debuginfo-1.3.10-6.12.el7_9.i686.rpm SHA-256: ed6e05b9a0bc986d38ae06d55704ef6d6bae1f625c2c7ae61c65d9d0f662a9b6
hivex-debuginfo-1.3.10-6.12.el7_9.i686.rpm SHA-256: ed6e05b9a0bc986d38ae06d55704ef6d6bae1f625c2c7ae61c65d9d0f662a9b6
hivex-debuginfo-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: 0733a0f3c4eec176b4d42c241bf7e79938c3577aa161d31ad27c176b538d7793
hivex-debuginfo-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: 0733a0f3c4eec176b4d42c241bf7e79938c3577aa161d31ad27c176b538d7793
hivex-devel-1.3.10-6.12.el7_9.i686.rpm SHA-256: c75af4e41b08665e4b11b866aeeb7a5fb85085bac152c24e2ccdafb0c3cb82f6
hivex-devel-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: c87a6f73e9d14d8cade5bcdac4437780fb2e34b57dec4daf7119f3618b0999c2
ocaml-hivex-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: b85cf0124230e1fcec73e85feaa7068466084abedafbd11ef6838c0a54e6e463
ocaml-hivex-devel-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: c53740cde8813a20026989a44ca3e54ae384f63bd4bb386c7c5af22238881fbc
perl-hivex-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: 543239bfa5b5cea0022d10b14749865b7d7c71a17bc2f5c4395c42fb5c653924
python-hivex-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: afdcae959326b0400f183c342f2b7d089175fa695abeea4e665fc6107ba74a51
ruby-hivex-1.3.10-6.12.el7_9.x86_64.rpm SHA-256: 6738cf81c4fb3f77b7b37c1f007746a3e451cd8039eb2b5c13fae3912002ce42

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
hivex-1.3.10-6.12.el7_9.src.rpm SHA-256: fd491d72bb1fac07f261c97fb71830aecfcc0eb2c4d216c8ee89ff57f1110269
s390x
hivex-1.3.10-6.12.el7_9.s390.rpm SHA-256: b25a098cc45a2a5461794601ff932b53f9f2a4ad94aa65eb10198fc074469054
hivex-1.3.10-6.12.el7_9.s390x.rpm SHA-256: 589691641825a4b2157997a5f45b442188527613e2b84e03f99081f11e316ce6
hivex-debuginfo-1.3.10-6.12.el7_9.s390.rpm SHA-256: 75603c42f772bfc5743ce1cadf0117d94db977820eae0112511a372138283946
hivex-debuginfo-1.3.10-6.12.el7_9.s390.rpm SHA-256: 75603c42f772bfc5743ce1cadf0117d94db977820eae0112511a372138283946
hivex-debuginfo-1.3.10-6.12.el7_9.s390x.rpm SHA-256: 76d1db2be3605a102957d0634736329c517d756f9e9c7928b2ada9aff17db422
hivex-debuginfo-1.3.10-6.12.el7_9.s390x.rpm SHA-256: 76d1db2be3605a102957d0634736329c517d756f9e9c7928b2ada9aff17db422
hivex-devel-1.3.10-6.12.el7_9.s390.rpm SHA-256: bbcc3195f3e6c0e168a156a1f13c3617ce5d69c89077a027e44dce1ebb070c95
hivex-devel-1.3.10-6.12.el7_9.s390x.rpm SHA-256: b24ce362fc70186acc94d67213ff04a62e8ebd82837a68234ee0d01795a43855
ocaml-hivex-1.3.10-6.12.el7_9.s390x.rpm SHA-256: 44164b2c6922456f3ca7818fc3141e30b61212005a9a8457f53a242427d80fe3
ocaml-hivex-devel-1.3.10-6.12.el7_9.s390x.rpm SHA-256: 3459c3148ad5f41e96cff308baedfd80ad8ee2812813cb49ee7057e7bf6a0140
perl-hivex-1.3.10-6.12.el7_9.s390x.rpm SHA-256: fd208cd21e3c8f07adabe44d0e328e8c9e92981e4433537154d031bd91aba909
python-hivex-1.3.10-6.12.el7_9.s390x.rpm SHA-256: bf2465425a22ac2206ff2ade18f022a1c8ba554c2bab58514f14daae0ee35aea
ruby-hivex-1.3.10-6.12.el7_9.s390x.rpm SHA-256: c84faee0270929a585a8894f7da23d0752bbf9a28d4dcf287c2e017d7bbb3c3d

Red Hat Enterprise Linux for Power, little endian 7

SRPM
hivex-1.3.10-6.12.el7_9.src.rpm SHA-256: fd491d72bb1fac07f261c97fb71830aecfcc0eb2c4d216c8ee89ff57f1110269
ppc64le
hivex-1.3.10-6.12.el7_9.ppc64le.rpm SHA-256: 82fc5fc2d876f9112d0c06ea1ff60ce5e1f788211e887db9f961e3eeee9eed18
hivex-debuginfo-1.3.10-6.12.el7_9.ppc64le.rpm SHA-256: 6a9efbb4e4d56f88d1fba6eae50e1654e6f2fb2c4a053b2fafe361305a37d245
hivex-debuginfo-1.3.10-6.12.el7_9.ppc64le.rpm SHA-256: 6a9efbb4e4d56f88d1fba6eae50e1654e6f2fb2c4a053b2fafe361305a37d245
hivex-devel-1.3.10-6.12.el7_9.ppc64le.rpm SHA-256: 2a75517d4010d67fc759a30b509bf8b32072ab81cc5e830691abe0720ff0706d
ocaml-hivex-1.3.10-6.12.el7_9.ppc64le.rpm SHA-256: c1009c39046e7431f255ea616eca96f9086cfd1fa4f6d267f94fe4f50ce07e24
ocaml-hivex-devel-1.3.10-6.12.el7_9.ppc64le.rpm SHA-256: ec5eb156b1da0b09d9eadbb2361d7e98f6e3e40359fbd54e5102e8993f1c68ee
perl-hivex-1.3.10-6.12.el7_9.ppc64le.rpm SHA-256: 19ec479bae624398f826972512b2211580639f14fccd96f1696d8ba2cbcf86f0
python-hivex-1.3.10-6.12.el7_9.ppc64le.rpm SHA-256: f114f22ab81620ae7a650f6bce951c4c8a0f61d21013c3c75c92cf21eeb4b9f5
ruby-hivex-1.3.10-6.12.el7_9.ppc64le.rpm SHA-256: 94a1d8b66c51571d14675a91eef8c21cdb30948c8c89e5c0fe6bcbebed0ac4b7

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.