Unrated severityNVD Advisory· Published Dec 23, 2021· Updated Aug 3, 2024
CVE-2021-3622
CVE-2021-3622
Description
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file, which would cause hivex to recursively call the _get_children() function, leading to a stack overflow. The highest threat from this vulnerability is to system availability.
Affected products
143- osv-coords142 versionspkg:rpm/almalinux/hivexpkg:rpm/almalinux/hivex-develpkg:rpm/almalinux/libguestfspkg:rpm/almalinux/libguestfs-appliancepkg:rpm/almalinux/libguestfs-bash-completionpkg:rpm/almalinux/libguestfs-develpkg:rpm/almalinux/libguestfs-gfs2pkg:rpm/almalinux/libguestfs-gobjectpkg:rpm/almalinux/libguestfs-gobject-develpkg:rpm/almalinux/libguestfs-inspect-iconspkg:rpm/almalinux/libguestfs-javapkg:rpm/almalinux/libguestfs-java-develpkg:rpm/almalinux/libguestfs-javadocpkg:rpm/almalinux/libguestfs-man-pages-japkg:rpm/almalinux/libguestfs-man-pages-ukpkg:rpm/almalinux/libguestfs-rescuepkg:rpm/almalinux/libguestfs-rsyncpkg:rpm/almalinux/libguestfs-toolspkg:rpm/almalinux/libguestfs-tools-cpkg:rpm/almalinux/libguestfs-winsupportpkg:rpm/almalinux/libguestfs-xfspkg:rpm/almalinux/libiscsipkg:rpm/almalinux/libiscsi-develpkg:rpm/almalinux/libiscsi-utilspkg:rpm/almalinux/libnbdpkg:rpm/almalinux/libnbd-bash-completionpkg:rpm/almalinux/libnbd-develpkg:rpm/almalinux/libtpmspkg:rpm/almalinux/libtpms-develpkg:rpm/almalinux/libvirtpkg:rpm/almalinux/libvirt-clientpkg:rpm/almalinux/libvirt-daemonpkg:rpm/almalinux/libvirt-daemon-config-networkpkg:rpm/almalinux/libvirt-daemon-config-nwfilterpkg:rpm/almalinux/libvirt-daemon-driver-interfacepkg:rpm/almalinux/libvirt-daemon-driver-networkpkg:rpm/almalinux/libvirt-daemon-driver-nodedevpkg:rpm/almalinux/libvirt-daemon-driver-nwfilterpkg:rpm/almalinux/libvirt-daemon-driver-qemupkg:rpm/almalinux/libvirt-daemon-driver-secretpkg:rpm/almalinux/libvirt-daemon-driver-storagepkg:rpm/almalinux/libvirt-daemon-driver-storage-corepkg:rpm/almalinux/libvirt-daemon-driver-storage-diskpkg:rpm/almalinux/libvirt-daemon-driver-storage-glusterpkg:rpm/almalinux/libvirt-daemon-driver-storage-iscsipkg:rpm/almalinux/libvirt-daemon-driver-storage-iscsi-directpkg:rpm/almalinux/libvirt-daemon-driver-storage-logicalpkg:rpm/almalinux/libvirt-daemon-driver-storage-mpathpkg:rpm/almalinux/libvirt-daemon-driver-storage-rbdpkg:rpm/almalinux/libvirt-daemon-driver-storage-scsipkg:rpm/almalinux/libvirt-daemon-kvmpkg:rpm/almalinux/libvirt-dbuspkg:rpm/almalinux/libvirt-develpkg:rpm/almalinux/libvirt-docspkg:rpm/almalinux/libvirt-libspkg:rpm/almalinux/libvirt-lock-sanlockpkg:rpm/almalinux/libvirt-nsspkg:rpm/almalinux/libvirt-wiresharkpkg:rpm/almalinux/lua-guestfspkg:rpm/almalinux/nbdfusepkg:rpm/almalinux/nbdkitpkg:rpm/almalinux/nbdkit-bash-completionpkg:rpm/almalinux/nbdkit-basic-filterspkg:rpm/almalinux/nbdkit-basic-pluginspkg:rpm/almalinux/nbdkit-curl-pluginpkg:rpm/almalinux/nbdkit-develpkg:rpm/almalinux/nbdkit-example-pluginspkg:rpm/almalinux/nbdkit-gzip-filterpkg:rpm/almalinux/nbdkit-gzip-pluginpkg:rpm/almalinux/nbdkit-linuxdisk-pluginpkg:rpm/almalinux/nbdkit-nbd-pluginpkg:rpm/almalinux/nbdkit-python-pluginpkg:rpm/almalinux/nbdkit-serverpkg:rpm/almalinux/nbdkit-ssh-pluginpkg:rpm/almalinux/nbdkit-tar-filterpkg:rpm/almalinux/nbdkit-tar-pluginpkg:rpm/almalinux/nbdkit-tmpdisk-pluginpkg:rpm/almalinux/nbdkit-vddk-pluginpkg:rpm/almalinux/nbdkit-xz-filterpkg:rpm/almalinux/netcfpkg:rpm/almalinux/netcf-develpkg:rpm/almalinux/netcf-libspkg:rpm/almalinux/ocaml-hivexpkg:rpm/almalinux/ocaml-hivex-develpkg:rpm/almalinux/ocaml-libguestfspkg:rpm/almalinux/ocaml-libguestfs-develpkg:rpm/almalinux/ocaml-libnbdpkg:rpm/almalinux/ocaml-libnbd-develpkg:rpm/almalinux/perl-hivexpkg:rpm/almalinux/perl-Sys-Guestfspkg:rpm/almalinux/perl-Sys-Virtpkg:rpm/almalinux/python3-hivexpkg:rpm/almalinux/python3-libguestfspkg:rpm/almalinux/python3-libnbdpkg:rpm/almalinux/python3-libvirtpkg:rpm/almalinux/qemu-guest-agentpkg:rpm/almalinux/qemu-imgpkg:rpm/almalinux/qemu-kvmpkg:rpm/almalinux/qemu-kvm-block-curlpkg:rpm/almalinux/qemu-kvm-block-glusterpkg:rpm/almalinux/qemu-kvm-block-iscsipkg:rpm/almalinux/qemu-kvm-block-rbdpkg:rpm/almalinux/qemu-kvm-block-sshpkg:rpm/almalinux/qemu-kvm-commonpkg:rpm/almalinux/qemu-kvm-corepkg:rpm/almalinux/qemu-kvm-docspkg:rpm/almalinux/qemu-kvm-hw-usbredirpkg:rpm/almalinux/qemu-kvm-testspkg:rpm/almalinux/qemu-kvm-ui-openglpkg:rpm/almalinux/qemu-kvm-ui-spicepkg:rpm/almalinux/ruby-hivexpkg:rpm/almalinux/ruby-libguestfspkg:rpm/almalinux/seabiospkg:rpm/almalinux/seabios-binpkg:rpm/almalinux/seavgabios-binpkg:rpm/almalinux/sgabiospkg:rpm/almalinux/sgabios-binpkg:rpm/almalinux/SLOFpkg:rpm/almalinux/superminpkg:rpm/almalinux/supermin-develpkg:rpm/almalinux/swtpmpkg:rpm/almalinux/swtpm-develpkg:rpm/almalinux/swtpm-libspkg:rpm/almalinux/swtpm-toolspkg:rpm/almalinux/swtpm-tools-pkcs11pkg:rpm/almalinux/virt-dibpkg:rpm/almalinux/virt-v2vpkg:rpm/almalinux/virt-v2v-bash-completionpkg:rpm/almalinux/virt-v2v-man-pages-japkg:rpm/almalinux/virt-v2v-man-pages-ukpkg:rpm/opensuse/hivex&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/hivex&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/hivex&distro=openSUSE%20Tumbleweedpkg:rpm/suse/hivex&distro=SUSE%20Linux%20Enterprise%20Micro%205.0pkg:rpm/suse/hivex&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/hivex&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/hivex&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/hivex&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2pkg:rpm/suse/hivex&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3pkg:rpm/suse/hivex&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/hivex&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/hivex&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
< 1.3.18-23.module_el8.6.0+2880+7d9e3703+ 141 more
- (no CPE)range: < 1.3.18-23.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.3.18-23.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 8.6-1.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1.18.0-8.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.18.0-8.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.18.0-8.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.6.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.6.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.6.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 0.9.1-0.20211126git1ff6fe1f43.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 0.9.1-0.20211126git1ff6fe1f43.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.3.0-2.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1.6.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.24.0-4.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.24.0-4.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.24.0-4.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.24.0-4.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.24.0-4.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.24.0-4.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.24.0-4.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.24.0-4.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.24.0-4.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.24.0-4.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.24.0-4.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.24.0-4.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.24.0-4.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.24.0-4.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.24.0-4.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.24.0-4.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.24.0-4.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.24.0-4.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.24.0-4.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 0.2.8-12.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 0.2.8-12.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 0.2.8-12.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.3.18-23.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.3.18-23.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1.6.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.6.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.3.18-23.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 8.0.0-1.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.3.18-23.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1.6.0-5.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 8.0.0-1.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 15:6.2.0-11.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 15:6.2.0-11.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 15:6.2.0-11.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 15:6.2.0-11.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 15:6.2.0-11.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 15:6.2.0-11.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 15:6.2.0-11.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 15:6.2.0-11.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 15:6.2.0-11.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 15:6.2.0-11.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 15:6.2.0-11.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 15:6.2.0-11.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 15:6.2.0-11.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 15:6.2.0-11.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 15:6.2.0-11.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.3.18-23.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1.15.0-2.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.15.0-2.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.15.0-2.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1:0.20170427git-3.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1:0.20170427git-3.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 20210217-1.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 5.2.1-1.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 5.2.1-1.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 0.7.0-1.20211109gitb79fd91.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 0.7.0-1.20211109gitb79fd91.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 0.7.0-1.20211109gitb79fd91.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 0.7.0-1.20211109gitb79fd91.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 0.7.0-1.20211109gitb79fd91.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
- (no CPE)range: < 1:1.42.0-18.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1:1.42.0-18.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1:1.42.0-18.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1:1.42.0-18.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.3.14-lp152.4.6.1
- (no CPE)range: < 1.3.14-5.6.1
- (no CPE)range: < 1.3.21-2.2
- (no CPE)range: < 1.3.14-5.6.1
- (no CPE)range: < 1.3.14-5.6.1
- (no CPE)range: < 1.3.14-5.6.1
- (no CPE)range: < 1.3.14-5.6.1
- (no CPE)range: < 1.3.14-5.6.1
- (no CPE)range: < 1.3.14-5.6.1
- (no CPE)range: < 1.3.10-5.7.1
- (no CPE)range: < 1.3.10-5.7.1
- (no CPE)range: < 1.3.10-5.7.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S35TVTAPHORSUIFYNFBHKLQRPVFUPXBE/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/USD4OEV6L3RPHE32V2MJ4JPFBODINWSU/mitrevendor-advisoryx_refsource_FEDORA
- bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC
- github.com/libguestfs/hivex/commit/771728218dac2fbf6997a7e53225e75a4c6b7255mitrex_refsource_MISC
- listman.redhat.com/archives/libguestfs/2021-August/msg00002.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.