Debian Gtkwave vulnerabilities

CVE-2023-37442 [HIGH] CVE-2023-37442: gtkwave - Multiple out-of-bounds read vulnerabilities exist in the VCD var definition sect... Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI's default VCD parsing code

CVE-2023-35994 [HIGH] CVE-2023-35994: gtkwave - Multiple improper array index validation vulnerabilities exist in the fstReaderI... Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta initialization part. Scope: local bookworm: resolve

CVE-2023-39444 [HIGH] CVE-2023-39444: gtkwave - Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functiona... Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the string copy loop. Scope: local bookworm: resolve

CVE-2023-35703 [HIGH] CVE-2023-35703: gtkwave - Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 var... Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint64 function. Scope: local bookworm: resolved (fixed in 3.

CVE-2023-39272 [HIGH] CVE-2023-39272: gtkwave - Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing ... Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `lsb` array. Scope: local bookworm: re

CVE-2023-35704 [HIGH] CVE-2023-35704: gtkwave - Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 var... Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint32WithSkip function. Scope: local bookworm: resolved (fix

CVE-2023-36747 [HIGH] CVE-2023-36747: gtkwave - Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBl... Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the handling of `len` in `fstWritex` when `beg_time` does not match

CVE-2023-37444 [HIGH] CVE-2023-37444: gtkwave - Multiple out-of-bounds read vulnerabilities exist in the VCD var definition sect... Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI's interactive VCD parsing

CVE-2023-36861 [HIGH] CVE-2023-36861: gtkwave - An out-of-bounds write vulnerability exists in the VZT LZMA_read_varint function... An out-of-bounds write vulnerability exists in the VZT LZMA_read_varint functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. Scope: local bookworm: resolved (fixed in 3.3.118-0.1~deb12u1) bullseye: resolved (fixed in 3.3.104+really3.3.118-0+de

CVE-2023-35958 [HIGH] CVE-2023-35958: gtkwave - Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBl... Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the copy function `fstFread`. Scope: local bookworm: resolv

CVE-2023-39414 [HIGH] CVE-2023-39414: gtkwave - Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix ... Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer underflow when performing the right shift operation. Scope

CVE-2023-35959 [HIGH] CVE-2023-35959: gtkwave - Multiple OS command injection vulnerabilities exist in the decompression functio... Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns `.ghw` decompression. Scope: local bookworm: resolved (fixed in 3.3.118-0.1~deb12u1)

CVE-2023-39273 [HIGH] CVE-2023-39273: gtkwave - Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing ... Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `flags` array. Scope: local bookworm:

CVE-2023-39317 [HIGH] CVE-2023-39317: gtkwave - Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries fun... Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `string_lens` array. Scope: local bookwor

CVE-2023-38653 [HIGH] CVE-2023-38653: gtkwave - Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_deco... Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is zero. Scope: local bookworm

CVE-2023-39275 [HIGH] CVE-2023-39275: gtkwave - Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing ... Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `value` array. Scope: local bookworm:

CVE-2023-37420 [HIGH] CVE-2023-37420: gtkwave - Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange ... Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt conversion utili

CVE-2023-39271 [HIGH] CVE-2023-39271: gtkwave - Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing ... Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `msb` array. Scope: local bookworm: re

CVE-2023-35956 [HIGH] CVE-2023-35956: gtkwave - Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBl... Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function `fastlz_decompress`. Scope: loca

CVE-2023-39274 [HIGH] CVE-2023-39274: gtkwave - Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing ... Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `len` array. Scope: local bookworm: re