An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev (commit b5f1eacd), and the forked version of Gerbv (commit 71493260). A specially-crafted drill file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. References: https://github.com/gerbv/gerbv/commit/672214abb47a802fc000125996e6e0a46c623a4e https://github.com/gerbv/gerbv/issues/30
Created gerbv tracking bugs for this issue: Affects: fedora-all [bug 2041799]