5 matches found
Use After Free
A use-after-free vulnerability exists in the RS-274X aperture definition tokenization functionality of Gerbv 2.7.0 and dev commit b5f1eacd and Gerbv forked 2.7.1. A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2021-40401
A use-after-free vulnerability exists in the RS-274X aperture definition tokenization functionality of Gerbv 2.7.0 and dev commit b5f1eacd and Gerbv forked 2.7.1. A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
Design/Logic Flaw
A use-after-free vulnerability exists in the RS-274X aperture definition tokenization functionality of Gerbv 2.7.0 and dev commit b5f1eacd and Gerbv forked 2.7.1. A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2021-40401
CVE-2021-40401 affects Gerbv (RS-274X aperture definition tokenization) with a use-after-free in 2.7.0 (and forks) that an attacker can trigger via a crafted Gerber file to achieve code execution. Connected advisories confirm additional related CVEs (CVE-2021-40403 etc.) and describe the same fam...
CVE-2021-40401
A use-after-free vulnerability exists in the RS-274X aperture definition tokenization functionality of Gerbv 2.7.0 and dev commit b5f1eacd and Gerbv forked 2.7.1. A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...