CVE-2022-23803: 
Linux Debian vulnerability analysis and mitigation

A stack-based buffer overflow vulnerability (CVE-2022-23803) was discovered in the Gerber Viewer gerber and excellon ReadXYCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. The vulnerability affects the coordinate parsing functionality in KiCad, a cross-platform open-source software for electronics design automation (Talos Report).

The vulnerability exists in the ReadXYCoord method where a line buffer of size 256 bytes is allocated on the stack. When processing lines starting with 'X' or 'Y', the code enters a loop that stores characters in the text buffer without checking buffer bounds. Because the input text can be much larger than the line buffer and the loop does not perform bounds checking, this can lead to a stack-based buffer overflow. The vulnerability has a CVSS v3 score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) (Talos Report).

The vulnerability could result in the execution of arbitrary code if malformed Gerber/Excellon files are processed. An attacker can trigger this vulnerability by providing a specially-crafted gerber or excellon file to the application (Debian Security, Talos Report).

The vulnerability has been fixed in multiple distributions: Debian 9 (Stretch) version 4.0.5+dfsg1-4+deb9u1, Debian 10 (Buster) version 5.0.2+dfsg1-1+deb10u1, Debian 11 (Bullseye) version 5.1.9+dfsg1-1+deb11u1, and Fedora 35 version 6.0.2-1.fc35. Users are recommended to upgrade their kicad packages to the fixed versions (Debian LTS, Fedora Update).