[RHSA-2021:3338-01] Low: hivex security update

Tue Aug 31 09:14:38 UTC 2021

An update for hivex is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Hivex is a library that can read and write Hive files, undocumented binary
files that Windows uses to store the Windows Registry on disk.

Security Fix(es):

* hivex: stack overflow due to recursive call of _get_children()
(CVE-2021-3622)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1975489 - CVE-2021-3622 hivex: stack overflow due to recursive call of _get_children()

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
hivex-1.3.10-6.12.el7_9.src.rpm

x86_64:
hivex-1.3.10-6.12.el7_9.i686.rpm
hivex-1.3.10-6.12.el7_9.x86_64.rpm
hivex-debuginfo-1.3.10-6.12.el7_9.i686.rpm
hivex-debuginfo-1.3.10-6.12.el7_9.x86_64.rpm
perl-hivex-1.3.10-6.12.el7_9.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
hivex-debuginfo-1.3.10-6.12.el7_9.i686.rpm
hivex-debuginfo-1.3.10-6.12.el7_9.x86_64.rpm
hivex-devel-1.3.10-6.12.el7_9.i686.rpm
hivex-devel-1.3.10-6.12.el7_9.x86_64.rpm
ocaml-hivex-1.3.10-6.12.el7_9.x86_64.rpm
ocaml-hivex-devel-1.3.10-6.12.el7_9.x86_64.rpm
python-hivex-1.3.10-6.12.el7_9.x86_64.rpm
ruby-hivex-1.3.10-6.12.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
hivex-1.3.10-6.12.el7_9.src.rpm

ppc64le:
hivex-1.3.10-6.12.el7_9.ppc64le.rpm
hivex-debuginfo-1.3.10-6.12.el7_9.ppc64le.rpm
perl-hivex-1.3.10-6.12.el7_9.ppc64le.rpm

s390x:
hivex-1.3.10-6.12.el7_9.s390.rpm
hivex-1.3.10-6.12.el7_9.s390x.rpm
hivex-debuginfo-1.3.10-6.12.el7_9.s390.rpm
hivex-debuginfo-1.3.10-6.12.el7_9.s390x.rpm
perl-hivex-1.3.10-6.12.el7_9.s390x.rpm

x86_64:
hivex-1.3.10-6.12.el7_9.i686.rpm
hivex-1.3.10-6.12.el7_9.x86_64.rpm
hivex-debuginfo-1.3.10-6.12.el7_9.i686.rpm
hivex-debuginfo-1.3.10-6.12.el7_9.x86_64.rpm
perl-hivex-1.3.10-6.12.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64le:
hivex-debuginfo-1.3.10-6.12.el7_9.ppc64le.rpm
hivex-devel-1.3.10-6.12.el7_9.ppc64le.rpm
ocaml-hivex-1.3.10-6.12.el7_9.ppc64le.rpm
ocaml-hivex-devel-1.3.10-6.12.el7_9.ppc64le.rpm
python-hivex-1.3.10-6.12.el7_9.ppc64le.rpm
ruby-hivex-1.3.10-6.12.el7_9.ppc64le.rpm

s390x:
hivex-debuginfo-1.3.10-6.12.el7_9.s390.rpm
hivex-debuginfo-1.3.10-6.12.el7_9.s390x.rpm
hivex-devel-1.3.10-6.12.el7_9.s390.rpm
hivex-devel-1.3.10-6.12.el7_9.s390x.rpm
ocaml-hivex-1.3.10-6.12.el7_9.s390x.rpm
ocaml-hivex-devel-1.3.10-6.12.el7_9.s390x.rpm
python-hivex-1.3.10-6.12.el7_9.s390x.rpm
ruby-hivex-1.3.10-6.12.el7_9.s390x.rpm

x86_64:
hivex-debuginfo-1.3.10-6.12.el7_9.i686.rpm
hivex-debuginfo-1.3.10-6.12.el7_9.x86_64.rpm
hivex-devel-1.3.10-6.12.el7_9.i686.rpm
hivex-devel-1.3.10-6.12.el7_9.x86_64.rpm
ocaml-hivex-1.3.10-6.12.el7_9.x86_64.rpm
ocaml-hivex-devel-1.3.10-6.12.el7_9.x86_64.rpm
python-hivex-1.3.10-6.12.el7_9.x86_64.rpm
ruby-hivex-1.3.10-6.12.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
hivex-1.3.10-6.12.el7_9.src.rpm

x86_64:
hivex-1.3.10-6.12.el7_9.i686.rpm
hivex-1.3.10-6.12.el7_9.x86_64.rpm
hivex-debuginfo-1.3.10-6.12.el7_9.i686.rpm
hivex-debuginfo-1.3.10-6.12.el7_9.x86_64.rpm
perl-hivex-1.3.10-6.12.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
hivex-debuginfo-1.3.10-6.12.el7_9.i686.rpm
hivex-debuginfo-1.3.10-6.12.el7_9.x86_64.rpm
hivex-devel-1.3.10-6.12.el7_9.i686.rpm
hivex-devel-1.3.10-6.12.el7_9.x86_64.rpm
ocaml-hivex-1.3.10-6.12.el7_9.x86_64.rpm
ocaml-hivex-devel-1.3.10-6.12.el7_9.x86_64.rpm
python-hivex-1.3.10-6.12.el7_9.x86_64.rpm
ruby-hivex-1.3.10-6.12.el7_9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-3622
https://access.redhat.com/security/updates/classification/#low

8. Contact:

The Red Hat security contact is <secalert at redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYS3y+NzjgjWX9erEAQgstA/+IQa8WnfXy9msZoEM0wMLhiGf/aqsLwML
4SsnqKLpis7ckex26E+K0w3i4Hfs3GNOM/CsG9YYMPYeby7HzHx7wLR4KNV8++ys
0yJ6DDRGvj3a1dgr2zgz3q6Of6RMTNea6LJ8JEI/2Wz79CP2N7LFAtWCSCjW1PPS
wfEE+7WmU6Kez94Lf4XmYuDMyzQK793JgeVVx+DJKjGdoIU8rljbMecpjZWXoaQw
FF0bDmy43X94vua7mXH7XmXw8KVqDlK1SUr4vZjZyVGPGvI3XrgWZ0PmF3VDWoka
jCCkLivObN+6meoV7r6JAivXCVa1kh2Pbd3LvGNypLW0QT0nO3CJOT/ZuD8Hvvxe
9l6hQUaEGsw4LqE8wohfuoOMCKPJDrhMYdWIkYiIQDlDNR159r1xkmgf+h1yWrkN
nuyE7I9wt4W6EzzT3VkDBpGwArvkKvzDaap68QkXQ0G9liIR4cDGKLoxgAc5ozkY
6PvK6Hw05FITCjid5IEqfAv8w9YFAIhvID+eiBbeT/sLGsHDNlJZj86EOTRGtVNj
HCdi18/74MwLlib4KI1k1RD1X/hluiZU1O6iE2VHwTrhJcCYhDjNeyJhveuwTQtI
AXYbWCLoYw7BeTzZtuAxvI3lNI60OubmyGwyiATi8mlmgi/fnJcW/uNESjv+65xe
jz5v0yjLhDs=
=5ASo
-----END PGP SIGNATURE-----