CVE-2023-39316

2024-01-0815:15:24

Debian Security Bug Tracker

security-tracker.debian.org

integer overflow

num_dict_entries

arbitrary code execution

malicious file

string_pointers array

unix

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.9

Confidence

High

EPSS

0.001

Percentile

23.4%

JSON

Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the string_pointers array.

OSVersionArchitecturePackageVersionFilename
Debian12allgtkwave< 3.3.118-0.1~deb12u1gtkwave_3.3.118-0.1~deb12u1_all.deb
Debian11allgtkwave< 3.3.104+really3.3.118-0+deb11u1gtkwave_3.3.104+really3.3.118-0+deb11u1_all.deb
Debian999allgtkwave< 3.3.118-0.1gtkwave_3.3.118-0.1_all.deb
Debian13allgtkwave< 3.3.118-0.1gtkwave_3.3.118-0.1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	gtkwave	< 3.3.118-0.1~deb12u1	gtkwave_3.3.118-0.1~deb12u1_all.deb
Debian	11	all	gtkwave	< 3.3.104+really3.3.118-0+deb11u1	gtkwave_3.3.104+really3.3.118-0+deb11u1_all.deb
Debian	999	all	gtkwave	< 3.3.118-0.1	gtkwave_3.3.118-0.1_all.deb
Debian	13	all	gtkwave	< 3.3.118-0.1	gtkwave_3.3.118-0.1_all.deb