First published: Wed Dec 22 2021(Updated: )
An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
Credit: talos-cna@cisco.com talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Gerbv Project Gerbv | =2.7.0 | |
Debian Debian Linux | =9.0 | |
Debian Debian Linux | =10.0 | |
Debian Debian Linux | =11.0 | |
debian/gerbv | <=2.7.0-1+deb10u1 | 2.7.0-1+deb10u3 2.7.0-2+deb11u2 2.9.6-1 2.10.0-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.