Debian Gtkwave vulnerabilities

CVE-2023-35057 [HIGH] CVE-2023-35057: gtkwave - An integer overflow vulnerability exists in the LXT2 lxt2_rd_trace value element... An integer overflow vulnerability exists in the LXT2 lxt2_rd_trace value elements allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability. Scope: local bookworm: resolved (fixed in 3.3.118-0.1~deb12u1) bullseye: resolved (fixed in 3.3.104+rea

CVE-2023-37922 [HIGH] CVE-2023-37922: gtkwave - Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functio... Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when triggered via the vcd2lxt2 conversion utility. Scope: local bo

CVE-2023-37282 [HIGH] CVE-2023-37282: gtkwave - An out-of-bounds write vulnerability exists in the VZT LZMA_Read dmem extraction... An out-of-bounds write vulnerability exists in the VZT LZMA_Read dmem extraction functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. Scope: local bookworm: resolved (fixed in 3.3.118-0.1~deb12u1) bullseye: resolved (fixed in 3.3.104+really3.3

CVE-2023-35969 [HIGH] CVE-2023-35969: gtkwave - Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBl... Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the chain_table of `FST_BL_VCDATA` and `FST_BL_VCDATA_

CVE-2023-38619 [HIGH] CVE-2023-38619: gtkwave - Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing f... Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `msb` array. Scope: local bookworm: reso

CVE-2023-35996 [HIGH] CVE-2023-35996: gtkwave - Multiple improper array index validation vulnerabilities exist in the fstReaderI... Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 0. Scope: local bookwo

CVE-2023-38649 [HIGH] CVE-2023-38649: gtkwave - Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname... Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the string copy loop. Scope:

CVE-2023-38622 [HIGH] CVE-2023-38622: gtkwave - Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing f... Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `len` array. Scope: local bookworm: reso

CVE-2023-35702 [HIGH] CVE-2023-35702: gtkwave - Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 var... Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint32 function. Scope: local bookworm: resolved (fixed in 3.

CVE-2023-38651 [HIGH] CVE-2023-38651: gtkwave - Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_deco... Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is zero. Scope: local bookwor

CVE-2023-37443 [HIGH] CVE-2023-37443: gtkwave - Multiple out-of-bounds read vulnerabilities exist in the VCD var definition sect... Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI's legacy VCD parsing code.

CVE-2023-36915 [HIGH] CVE-2023-36915: gtkwave - Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 ... Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the allocation of the `chain_table` array. Scope: local b

CVE-2023-39413 [HIGH] CVE-2023-39413: gtkwave - Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix ... Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer underflow when performing the left shift operation. Scope:

CVE-2023-39234 [HIGH] CVE-2023-39234: gtkwave - Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_blo... Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when looping over `lt->numrealfacs`. Scope:

CVE-2023-38618 [HIGH] CVE-2023-38618: gtkwave - Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing f... Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `rows` array. Scope: local bookworm: res

CVE-2023-38648 [HIGH] CVE-2023-38648: gtkwave - Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname... Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the prefix copy loop. Scope:

CVE-2023-35955 [HIGH] CVE-2023-35955: gtkwave - Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBl... Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function `LZ4_decompress_safe_partial`. S

CVE-2023-37921 [HIGH] CVE-2023-37921: gtkwave - Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functio... Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when triggered via the vcd2vzt conversion utility. Scope: local boo

CVE-2023-35995 [HIGH] CVE-2023-35995: gtkwave - Multiple improper array index validation vulnerabilities exist in the fstReaderI... Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 1. Scope: local bookwo

CVE-2023-35963 [HIGH] CVE-2023-35963: gtkwave - Multiple OS command injection vulnerabilities exist in the decompression functio... Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2lxt2` utility. Scope: local bookworm: resolved (fixed in 3