CVE-2023-39414
Description
Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities. This vulnerability concerns the integer underflow when performing the right shift operation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Integer underflow in GTKWave 3.3.115 LXT2 parsing allows memory corruption via crafted .lxt2 file, requiring user interaction.
Vulnerability
The vulnerability resides in the LXT2 parsing functionality of GTKWave 3.3.115, specifically in the lxt2_rd_iter_radix shift operation where an integer underflow can occur. A specially crafted .lxt2 file can trigger this condition, leading to memory corruption. The code path is reachable when a victim opens a malicious .lxt2 file using GTKWave or its associated utilities.[1]
Exploitation
An attacker must craft a malicious .lxt2 file and convince a victim to open it, for example by double-clicking on the file or importing it into GTKWave. No authentication is required, but user interaction is necessary. The attacker does not need any special network position or privileges, as the vulnerability is triggered locally upon file opening.[1]
Impact
Successful exploitation results in memory corruption, which can potentially lead to arbitrary code execution, information disclosure, or denial of service. The CVSS v3.1 score is 7.0 (High) with impacts on confidentiality, integrity, and availability all rated as high.[1]
Mitigation
As of the publication date, no fix has been disclosed in the available references. Users are advised to avoid opening untrusted .lxt2 files and to monitor the vendor's website for updates. The only confirmed vulnerable version is GTKWave 3.3.115.[1]
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- GTKWave/GTKWave, v5, Range: 3.3.115
Patches
No patches discovered yet.