PT-2021-4053 · Hivex+8 · Hivex+8

Jemery Galindo

·

Published

2021-04-14

·

Updated

2024-06-15

·

CVE-2021-3504

CVSS v2.0

5.8

Medium

VectorAV:N/AC:M/Au:N/C:P/I:N/A:P
Name of the Vulnerable Software and Affected Versions Hivex versions prior to 1.3.20
Description The issue is related to a lack of bounds check within the hivex open function, which can cause the library to read memory beyond its normal bounds or crash when processing a specially crafted Windows Registry (hive) file. This could allow a remote attacker to access confidential data or cause a denial of service, with the highest threat being to system availability.
Recommendations For versions prior to 1.3.20, update to version 1.3.20 or later to resolve the issue. As a temporary workaround, consider restricting the use of the hivex open function until a patch is available. Avoid processing untrusted Windows Registry (hive) files with the affected library to minimize the risk of exploitation.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALSA-2021:3061
ALT-PU-2021-1841
AZL-6472
BDU:2021-04581
CESA-2021_2318
CESA-2021_3061
CVE-2021-3504
DLA-2656-1
DSA-4913-1
MGASA-2021-0320
OESA-2021-1200
OPENSUSE-SU-2021:0806-1
OPENSUSE-SU-2021:1761-1
OPENSUSE-SU-2021_0806-1
OPENSUSE-SU-2021_1761-1
OPENSUSE-SU-2024:10845-1
RHSA-2021:2318
RHSA-2021:3061
RHSA-2021_2318
RHSA-2021_3061
RLSA-2021:3061
SUSE-SU-2021:1760-1
SUSE-SU-2021:1761-1
SUSE-SU-2021_1760-1
SUSE-SU-2021_1761-1
USN-5148-1
USN-5148-2

Affected Products

Alt Linux
Almalinux
Centos
Hivex
Linuxmint
Red Hat
Rocky Linux
Suse
Ubuntu