CVE-2023-35957

Vulnerability

A heap-based buffer overflow vulnerability exists in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115, specifically within the decompression function uncompress. A specially-crafted .fst file can trigger this overflow, leading to arbitrary code execution. The vulnerability is classified as CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) [1].

Exploitation

An attacker can exploit this vulnerability by crafting a malicious .fst file and convincing a victim to open it, for example via email attachment. No prior authentication or special privileges are required, but user interaction is necessary. The victim opening the file (e.g., double-clicking) triggers the parsing flow, leading to the buffer overflow [1].

Impact

Successful exploitation allows an attacker to execute arbitrary code with the privileges of the victim. This can result in full compromise of confidentiality, integrity, and availability (CIA). The CVSSv3 score is 7.8 (High) [1].

Mitigation

As of the advisory date (TALOS-2023-1785), no official fix has been released for GTKWave 3.3.115. Users are advised to avoid opening untrusted .fst files until a patch is provided [1].