CVE-2021-40394: 
NixOS vulnerability analysis and mitigation

An integer overflow vulnerability exists in the RS-274X aperture macro outline primitive functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). The vulnerability was discovered in December 2021 and affects the Gerbv software, which is used to view and convert Gerber files for printed circuit board (PCB) manufacturing (Talos Intelligence).

The vulnerability occurs in the RS-274X aperture macro outline primitive handling where an integer overflow can be triggered through a specially-crafted gerber file. The issue arises when calculating the number of parameters for the primitive, where nufparameters = ((int)s->stack[1] + 1) * 2 + 3 can overflow, leading to a bypass of size checks and subsequent out-of-bounds memory write. The vulnerability has been assigned a CVSS v3 score of 10.0 (Critical) with vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H ([Talos Intelligence](https://talosintelligence.com/vulnerabilityreports/TALOS-2021-1405)).

A successful exploitation of this vulnerability can lead to code execution on the target system. This is particularly concerning as some PCB manufacturers use Gerbv in their web interfaces to convert Gerber files into images, making the vulnerability accessible via network without user interaction or privilege requirements (Talos Intelligence).

The vulnerability has been patched in various distributions including Debian 10 (buster) with version 2.7.0-1+deb10u3, Debian 11 (bullseye) with version 2.7.0-2+deb11u2, and Ubuntu versions 22.04 LTS (jammy), 20.04 LTS (focal), 18.04 LTS (bionic), and 16.04 LTS (xenial) (Debian Security, Ubuntu Security).