CVE-2023-37923

Vulnerability

GTKWave 3.3.115 contains multiple arbitrary write vulnerabilities in the sorted bsearch functionality during parsing of VCD files. The issue resides in the vcd_parse function used by the vcd2lxt, vcd2lxt2, and vcd2vzt conversion utilities. A range error (CWE-118) allows out-of-bounds writes when processing a specially crafted .vcd file. [1]

Exploitation

An attacker can exploit this vulnerability by crafting a malicious .vcd file and convincing a victim to open it with the vcd2lxt utility or similar conversion tool. No authentication is required, but user interaction is necessary. The attack vector is local with low complexity (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). [1]

Impact

Successful exploitation results in arbitrary code execution in the context of the GTKWave process, leading to full compromise of confidentiality, integrity, and availability. [1]

Mitigation

As of the publication date (2024-01-08), no fixed version of GTKWave has been released. Users should avoid opening untrusted .vcd files with GTKWave or its conversion utilities until a patch is available. [1]