Описание
Security update for hivex
This update for hivex fixes the following issues:
- CVE-2021-3622: Fixed stack overflow due to recursive call of _get_children() (bsc#1189060).
Список пакетов
SUSE Linux Enterprise Server 12 SP5
libhivex0-1.3.10-5.7.1
perl-Win-Hivex-1.3.10-5.7.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libhivex0-1.3.10-5.7.1
perl-Win-Hivex-1.3.10-5.7.1
SUSE Linux Enterprise Software Development Kit 12 SP5
hivex-devel-1.3.10-5.7.1
Ссылки
- Link for SUSE-SU-2021:3210-1
- E-Mail link for SUSE-SU-2021:3210-1
- SUSE Security Ratings
- SUSE Bug 1189060
- SUSE CVE CVE-2021-3622 page
Описание
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file, which would cause hivex to recursively call the _get_children() function, leading to a stack overflow. The highest threat from this vulnerability is to system availability.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:libhivex0-1.3.10-5.7.1
SUSE Linux Enterprise Server 12 SP5:perl-Win-Hivex-1.3.10-5.7.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:libhivex0-1.3.10-5.7.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:perl-Win-Hivex-1.3.10-5.7.1
Ссылки
- CVE-2021-3622
- SUSE Bug 1189060