
Ubuntu 22.04 LTS: 6209-1 Moderate Gerbv Crash Vulnerability Risk

July 7, 2023
Ubuntu Security Notice USN-6209-1 covers vulnerabilities in Gerbv that affect Ubuntu LTS releases; users should update to protect against potential attacks and crashes.

Summary

Gerbv could be made to crash or run programs as your login if it opened a specially crafted file.

Software Description:

- gerbv: Gerber file viewer for PCB design

Details:

Claudio Bozzato discovered that Gerbv incorrectly handled certain Gerber files. An attacker could possibly use this issue to crash Gerbv (resulting in a denial of service), or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-40391, CVE-2021-40394)

Claudio Bozzato discovered that Gerbv incorrectly handled certain Gerber files. An attacker could possibly use this issue to disclose information, crash Gerbv (resulting in a denial of service), or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-40393)

Claudio Bozzato discovered that Gerbv incorrectly handled certain Gerber files. An attacker could possibly use this issue t...


Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS (Available with Ubuntu Pro):
   gerbv                           2.8.2-1ubuntu0.1~esm1

Ubuntu 20.04 LTS:
   gerbv                           2.7.0-1ubuntu0.1

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
   gerbv                           2.6.1-3ubuntu0.1~esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
   gerbv                           2.6.0-1ubuntu0.16.04.1~esm1

Ubuntu 14.04 LTS (Available with Ubuntu Pro):
   gerbv                           2.6.0-1ubuntu0.14.04.1~esm1

In general, a standard system update will make all the necessary changes.
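
A check against the fixed versions listed above, as an added example that is not part of the original advisory: it implements Debian-style version ordering for versions without an epoch, so that suffixes such as `~esm1` sort correctly. The host names and installed versions in `INVENTORY` are constructed, and the helper names are hypothetical.

```python
import re

# Fixed gerbv versions per Ubuntu release, copied from the advisory's table.
FIXED = {
    "22.04": "2.8.2-1ubuntu0.1~esm1",
    "20.04": "2.7.0-1ubuntu0.1",
    "18.04": "2.6.1-3ubuntu0.1~esm1",
    "16.04": "2.6.0-1ubuntu0.16.04.1~esm1",
    "14.04": "2.6.0-1ubuntu0.14.04.1~esm1",
}

def _order(c):
    # Debian order for non-digits: '~' < end of string < letters < other characters.
    if c in ("~", ""):
        return -1 if c == "~" else 0
    return ord(c) if c.isalpha() else ord(c) + 256

def _cmp_part(a, b):
    # Compare alternating non-digit and digit runs from left to right.
    while a or b:
        na, nb = re.match(r"\D*", a).group(), re.match(r"\D*", b).group()
        for i in range(max(len(na), len(nb))):
            ca, cb = _order(na[i:i + 1]), _order(nb[i:i + 1])
            if ca != cb:
                return -1 if ca < cb else 1
        a, b = a[len(na):], b[len(nb):]
        da, db = re.match(r"\d*", a).group(), re.match(r"\d*", b).group()
        ia, ib = int(da or 0), int(db or 0)
        if ia != ib:
            return -1 if ia < ib else 1
        a, b = a[len(da):], b[len(db):]
    return 0

def deb_cmp(v1, v2):
    # Returns -1, 0 or 1 for upstream[-revision] versions (assumption: no epoch).
    (u1, _, r1), (u2, _, r2) = [(v if "-" in v else v + "-").rpartition("-") for v in (v1, v2)]
    return _cmp_part(u1, u2) or _cmp_part(r1, r2)

def needs_update(release, installed):
    # True when the installed gerbv is older than the advisory's fixed version.
    return deb_cmp(installed, FIXED[release]) < 0

# Constructed inventory (host, release, installed gerbv version) for illustration.
INVENTORY = [("cad-01", "20.04", "2.7.0-1"), ("lab-03", "16.04", "2.6.0-1"),
             ("cad-02", "22.04", "2.8.2-1ubuntu0.1~esm1")]

def audit(inventory):
    # Hosts whose gerbv package is still below the fixed version.
    return [host for host, rel, ver in inventory if needs_update(rel, ver)]
```

On a live host the installed version comes from `dpkg-query -W -f='${Version}' gerbv`, and `dpkg --compare-versions` performs the same comparison natively.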

References

CVE-2021-40391, CVE-2021-40393, CVE-2021-40394, CVE-2021-40400, CVE-2021-40401, CVE-2021-40403
