Unrated severity · NVD Advisory · Published Jan 8, 2024 · Updated Nov 4, 2025

CVE-2023-37442

Description

Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities. This vulnerability concerns the out-of-bounds read when triggered via the GUI's default VCD parsing code.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Multiple out-of-bounds read vulnerabilities in GTKWave 3.3.115's VCD var definition parsing allow arbitrary code execution via a crafted .vcd file.

Vulnerability

Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. The bug resides in the vcd_parse function, which is used in both the GUI and command-line conversion utilities. A specially crafted .vcd file triggers these out-of-bounds reads when parsed. The affected version is 3.3.115 [1].

Exploitation

An attacker must convince a victim to open a malicious .vcd file using GTKWave. No authentication or special privileges are required; the victim only needs to load the file via the GUI or a command-line tool. The crafted file contains malformed var definitions that cause out-of-bounds reads during parsing, which can lead to arbitrary code execution [1].

Impact

Successful exploitation allows an attacker to execute arbitrary code in the context of the GTKWave process, leading to full compromise of confidentiality, integrity, and availability. The CVSSv3 score is 7.8 (High) [1].

Mitigation

As of the publication date (2024-01-08), no patched version has been disclosed. Users should avoid opening untrusted .vcd files with GTKWave 3.3.115. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog. Monitor vendor updates for a future fix [1].

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • GTKWave/GTKWave · llm-fuzzy
    Range: =3.3.115
  • GTKWave/GTKWave · v5
    Range: 3.3.115

Patches

0

No patches discovered yet.

References

2
