CVE-2021-3504 log

Source
Severity Low
Remote No
Type Denial of service
Description
A security was found in the hivex library before version 1.3.20. It is caused due to a lack of bounds check within the hivex_open function. An attacker could input a specially crafted Windows Registry (hive) file which would cause hivex to read memory beyond its normal bounds or cause the program to crash.
Group Package Affected Fixed Severity Status Ticket
AVG-1907 hivex 1.3.19-4 Low Vulnerable
References
https://bugzilla.redhat.com/show_bug.cgi?id=1949687
https://github.com/libguestfs/hivex/commit/8f1935733b10d974a1a4176d38dd151ed98cf381