USN-5148-1: hivex vulnerability
16 November 2021
hivex could be made to crash or leak information if it received specially crafted input.
Releases
Packages
- hivex - utilities for reading and writing Windows Registry hives
Details
It was discovered that hivex incorrectly handled certain input. An attacker
could use this vulnerability to cause a crash or obtain sensitive information.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 21.10
Ubuntu 21.04
Ubuntu 20.04
Ubuntu 18.04
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-5148-2: libhivex-dev, python3-hivex, libwin-hivex-perl, libhivex-ocaml-dev, hivex, python-hivex, libhivex-bin, libhivex0, libhivex-ocaml, ruby-hivex