CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
33.6%
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3785 advisory.
An integer overflow vulnerability exists in the FST_BL_GEOM parsing maxhandle functionality of GTKWave 3.3.115, when compiled as a 32-bit binary. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-32650)
An improper array index validation vulnerability exists in the EVCD var len parsing functionality of GTKWave 3.3.115. A specially crafted .evcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-34087)
An out-of-bounds write vulnerability exists in the LXT2 num_time_table_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-34436)
An integer overflow vulnerability exists in the VZT longest_len value allocation functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-35004)
An integer overflow vulnerability exists in the LXT2 lxt2_rd_trace value elements allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-35057)
An integer overflow vulnerability exists in the fstReaderIterBlocks2 time_table tsec_nitems functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-35128)
Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint32 function. (CVE-2023-35702)
Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint64 function. (CVE-2023-35703)
Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint32WithSkip function. (CVE-2023-35704)
Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function LZ4_decompress_safe_partial
. (CVE-2023-35955)
Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function fastlz_decompress
. (CVE-2023-35956)
Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function uncompress
. (CVE-2023-35957)
Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the copy function fstFread
. (CVE-2023-35958)
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns .ghw
decompression.
(CVE-2023-35959)
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns legacy decompression in vcd_main
. (CVE-2023-35960)
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in vcd_recorder_main
. (CVE-2023-35961)
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the vcd2vzt
utility. (CVE-2023-35962)
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the vcd2lxt2
utility. (CVE-2023-35963)
Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the vcd2lxt
utility. (CVE-2023-35964)
Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the chain_table of FST_BL_VCDATA
and FST_BL_VCDATA_DYN_ALIAS
section types. (CVE-2023-35969)
Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the chain_table of the FST_BL_VCDATA_DYN_ALIAS2
section type. (CVE-2023-35970)
An integer overflow vulnerability exists in the LXT2 zlib block allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-35989)
An integer overflow vulnerability exists in the FST fstReaderIterBlocks2 vesc allocation functionality of GTKWave 3.3.115, when compiled as a 32-bit binary. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-35992)
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta initialization part. (CVE-2023-35994)
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 1. (CVE-2023-35995)
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 0. (CVE-2023-35996)
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 2 or more. (CVE-2023-35997)
Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the handling of len
in fstWritex
when parsing the time table. (CVE-2023-36746)
Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the handling of len
in fstWritex
when beg_time
does not match the start of the time table.
(CVE-2023-36747)
An out-of-bounds write vulnerability exists in the VZT LZMA_read_varint functionality of GTKWave 3.3.115.
A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-36861)
An integer overflow vulnerability exists in the fstReaderIterBlocks2 temp_signal_value_buf allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-36864)
Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the allocation of the chain_table
array. (CVE-2023-36915)
Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the allocation of the chain_table_lengths
array. (CVE-2023-36916)
An out-of-bounds write vulnerability exists in the VZT LZMA_Read dmem extraction functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-37282)
Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the GUI’s legacy VCD parsing code. (CVE-2023-37416)
Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the GUI’s interactive VCD parsing code. (CVE-2023-37417)
Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2vzt conversion utility. (CVE-2023-37418)
Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt2 conversion utility. (CVE-2023-37419)
Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt conversion utility. (CVE-2023-37420)
Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI’s default VCD parsing code. (CVE-2023-37442)
Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI’s legacy VCD parsing code. (CVE-2023-37443)
Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI’s interactive VCD parsing code. (CVE-2023-37444)
Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2vzt conversion utility. (CVE-2023-37445)
Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt2 conversion utility. (CVE-2023-37446)
Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt conversion utility. (CVE-2023-37447)
Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI’s recoder (default) VCD parsing code. (CVE-2023-37573)
Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI’s legacy VCD parsing code. (CVE-2023-37574)
Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI’s interactive VCD parsing code. (CVE-2023-37575)
Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the vcd2vzt conversion utility. (CVE-2023-37576)
Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the vcd2lxt2 conversion utility. (CVE-2023-37577)
Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the vcd2lxt conversion utility. (CVE-2023-37578)
Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115.
A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when triggered via the vcd2vzt conversion utility. (CVE-2023-37921)
Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115.
A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when triggered via the vcd2lxt2 conversion utility. (CVE-2023-37922)
Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115.
A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when triggered via the vcd2lxt conversion utility. (CVE-2023-37923)
A stack-based buffer overflow vulnerability exists in the LXT2 lxt2_rd_expand_integer_to_bits function of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-38583)
Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the rows
array. (CVE-2023-38618)
Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the msb
array. (CVE-2023-38619)
Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the lsb
array. (CVE-2023-38620)
Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the flags
array. (CVE-2023-38621)
Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the len
array. (CVE-2023-38622)
Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the vindex_offset
array. (CVE-2023-38623)
Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the prefix copy loop. (CVE-2023-38648)
Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the string copy loop. (CVE-2023-38649)
Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is not zero. (CVE-2023-38650)
Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is zero. (CVE-2023-38651)
Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is not zero. (CVE-2023-38652)
Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is zero. (CVE-2023-38653)
An out-of-bounds write vulnerability exists in the LXT2 zlib block decompression functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-38657)
Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of- bounds write when looping over lt->numrealfacs
. (CVE-2023-39234)
Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of- bounds write when looping over lt->num_time_ticks
. (CVE-2023-39235)
Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the rows
array. (CVE-2023-39270)
Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the msb
array. (CVE-2023-39271)
Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the lsb
array. (CVE-2023-39272)
Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the flags
array. (CVE-2023-39273)
Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the len
array. (CVE-2023-39274)
Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the value
array. (CVE-2023-39275)
Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the string_pointers
array. (CVE-2023-39316)
Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the string_lens
array. (CVE-2023-39317)
Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer underflow when performing the left shift operation. (CVE-2023-39413)
Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer underflow when performing the right shift operation. (CVE-2023-39414)
Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the prefix copy loop. (CVE-2023-39443)
Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the string copy loop. (CVE-2023-39444)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
#
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory dla-3785. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('compat.inc');
if (description)
{
script_id(193132);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/10");
script_cve_id(
"CVE-2023-32650",
"CVE-2023-34087",
"CVE-2023-34436",
"CVE-2023-35004",
"CVE-2023-35057",
"CVE-2023-35128",
"CVE-2023-35702",
"CVE-2023-35703",
"CVE-2023-35704",
"CVE-2023-35955",
"CVE-2023-35956",
"CVE-2023-35957",
"CVE-2023-35958",
"CVE-2023-35959",
"CVE-2023-35960",
"CVE-2023-35961",
"CVE-2023-35962",
"CVE-2023-35963",
"CVE-2023-35964",
"CVE-2023-35969",
"CVE-2023-35970",
"CVE-2023-35989",
"CVE-2023-35992",
"CVE-2023-35994",
"CVE-2023-35995",
"CVE-2023-35996",
"CVE-2023-35997",
"CVE-2023-36746",
"CVE-2023-36747",
"CVE-2023-36861",
"CVE-2023-36864",
"CVE-2023-36915",
"CVE-2023-36916",
"CVE-2023-37282",
"CVE-2023-37416",
"CVE-2023-37417",
"CVE-2023-37418",
"CVE-2023-37419",
"CVE-2023-37420",
"CVE-2023-37442",
"CVE-2023-37443",
"CVE-2023-37444",
"CVE-2023-37445",
"CVE-2023-37446",
"CVE-2023-37447",
"CVE-2023-37573",
"CVE-2023-37574",
"CVE-2023-37575",
"CVE-2023-37576",
"CVE-2023-37577",
"CVE-2023-37578",
"CVE-2023-37921",
"CVE-2023-37922",
"CVE-2023-37923",
"CVE-2023-38583",
"CVE-2023-38618",
"CVE-2023-38619",
"CVE-2023-38620",
"CVE-2023-38621",
"CVE-2023-38622",
"CVE-2023-38623",
"CVE-2023-38648",
"CVE-2023-38649",
"CVE-2023-38650",
"CVE-2023-38651",
"CVE-2023-38652",
"CVE-2023-38653",
"CVE-2023-38657",
"CVE-2023-39234",
"CVE-2023-39235",
"CVE-2023-39270",
"CVE-2023-39271",
"CVE-2023-39272",
"CVE-2023-39273",
"CVE-2023-39274",
"CVE-2023-39275",
"CVE-2023-39316",
"CVE-2023-39317",
"CVE-2023-39413",
"CVE-2023-39414",
"CVE-2023-39443",
"CVE-2023-39444"
);
script_name(english:"Debian dla-3785 : gtkwave - security update");
script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing one or more security-related updates.");
script_set_attribute(attribute:"description", value:
"The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the
dla-3785 advisory.
- An integer overflow vulnerability exists in the FST_BL_GEOM parsing maxhandle functionality of GTKWave
3.3.115, when compiled as a 32-bit binary. A specially crafted .fst file can lead to memory corruption. A
victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-32650)
- An improper array index validation vulnerability exists in the EVCD var len parsing functionality of
GTKWave 3.3.115. A specially crafted .evcd file can lead to arbitrary code execution. A victim would need
to open a malicious file to trigger this vulnerability. (CVE-2023-34087)
- An out-of-bounds write vulnerability exists in the LXT2 num_time_table_entries functionality of GTKWave
3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
a malicious file to trigger this vulnerability. (CVE-2023-34436)
- An integer overflow vulnerability exists in the VZT longest_len value allocation functionality of GTKWave
3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a
malicious file to trigger this vulnerability. (CVE-2023-35004)
- An integer overflow vulnerability exists in the LXT2 lxt2_rd_trace value elements allocation functionality
of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to
open a malicious file to trigger this vulnerability. (CVE-2023-35057)
- An integer overflow vulnerability exists in the fstReaderIterBlocks2 time_table tsec_nitems functionality
of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to
open a malicious file to trigger this vulnerability. (CVE-2023-35128)
- Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of
GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need
to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
fstReaderVarint32 function. (CVE-2023-35702)
- Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of
GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need
to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
fstReaderVarint64 function. (CVE-2023-35703)
- Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of
GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need
to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
fstReaderVarint32WithSkip function. (CVE-2023-35704)
- Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing
functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A
victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
the decompression function `LZ4_decompress_safe_partial`. (CVE-2023-35955)
- Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing
functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A
victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
the decompression function `fastlz_decompress`. (CVE-2023-35956)
- Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing
functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A
victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
the decompression function `uncompress`. (CVE-2023-35957)
- Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing
functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A
victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
the copy function `fstFread`. (CVE-2023-35958)
- Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns `.ghw` decompression.
(CVE-2023-35959)
- Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns legacy decompression in
`vcd_main`. (CVE-2023-35960)
- Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in
`vcd_recorder_main`. (CVE-2023-35961)
- Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2vzt`
utility. (CVE-2023-35962)
- Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the
`vcd2lxt2` utility. (CVE-2023-35963)
- Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115.
A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2lxt`
utility. (CVE-2023-35964)
- Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing
functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A
victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
the chain_table of `FST_BL_VCDATA` and `FST_BL_VCDATA_DYN_ALIAS` section types. (CVE-2023-35969)
- Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing
functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A
victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
the chain_table of the `FST_BL_VCDATA_DYN_ALIAS2` section type. (CVE-2023-35970)
- An integer overflow vulnerability exists in the LXT2 zlib block allocation functionality of GTKWave
3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
a malicious file to trigger this vulnerability. (CVE-2023-35989)
- An integer overflow vulnerability exists in the FST fstReaderIterBlocks2 vesc allocation functionality of
GTKWave 3.3.115, when compiled as a 32-bit binary. A specially crafted .fst file can lead to memory
corruption. A victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-35992)
- Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta
functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A
victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
the tdelta initialization part. (CVE-2023-35994)
- Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta
functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A
victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
the tdelta indexing when signal_lens is 1. (CVE-2023-35995)
- Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta
functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A
victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
the tdelta indexing when signal_lens is 0. (CVE-2023-35996)
- Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta
functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A
victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
the tdelta indexing when signal_lens is 2 or more. (CVE-2023-35997)
- Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len
functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim
would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
handling of `len` in `fstWritex` when parsing the time table. (CVE-2023-36746)
- Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len
functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim
would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
handling of `len` in `fstWritex` when `beg_time` does not match the start of the time table.
(CVE-2023-36747)
- An out-of-bounds write vulnerability exists in the VZT LZMA_read_varint functionality of GTKWave 3.3.115.
A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a
malicious file to trigger this vulnerability. (CVE-2023-36861)
- An integer overflow vulnerability exists in the fstReaderIterBlocks2 temp_signal_value_buf allocation
functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A
victim would need to open a malicious file to trigger this vulnerability. (CVE-2023-36864)
- Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation
functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A
victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
the allocation of the `chain_table` array. (CVE-2023-36915)
- Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation
functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A
victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
the allocation of the `chain_table_lengths` array. (CVE-2023-36916)
- An out-of-bounds write vulnerability exists in the VZT LZMA_Read dmem extraction functionality of GTKWave
3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a
malicious file to trigger this vulnerability. (CVE-2023-37282)
- Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of
GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
write when triggered via the GUI's legacy VCD parsing code. (CVE-2023-37416)
- Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of
GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
write when triggered via the GUI's interactive VCD parsing code. (CVE-2023-37417)
- Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of
GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
write when triggered via the vcd2vzt conversion utility. (CVE-2023-37418)
- Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of
GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
write when triggered via the vcd2lxt2 conversion utility. (CVE-2023-37419)
- Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of
GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
write when triggered via the vcd2lxt conversion utility. (CVE-2023-37420)
- Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of
GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
read when triggered via the GUI's default VCD parsing code. (CVE-2023-37442)
- Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of
GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
read when triggered via the GUI's legacy VCD parsing code. (CVE-2023-37443)
- Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of
GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
read when triggered via the GUI's interactive VCD parsing code. (CVE-2023-37444)
- Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of
GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
write when triggered via the vcd2vzt conversion utility. (CVE-2023-37445)
- Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of
GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
write when triggered via the vcd2lxt2 conversion utility. (CVE-2023-37446)
- Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of
GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need
to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds
write when triggered via the vcd2lxt conversion utility. (CVE-2023-37447)
- Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave
3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when
triggered via the GUI's recoder (default) VCD parsing code. (CVE-2023-37573)
- Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave
3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when
triggered via the GUI's legacy VCD parsing code. (CVE-2023-37574)
- Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave
3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when
triggered via the GUI's interactive VCD parsing code. (CVE-2023-37575)
- Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave
3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when
triggered via the vcd2vzt conversion utility. (CVE-2023-37576)
- Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave
3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when
triggered via the vcd2lxt2 conversion utility. (CVE-2023-37577)
- Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave
3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when
triggered via the vcd2lxt conversion utility. (CVE-2023-37578)
- Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115.
A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when
triggered via the vcd2vzt conversion utility. (CVE-2023-37921)
- Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115.
A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when
triggered via the vcd2lxt2 conversion utility. (CVE-2023-37922)
- Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115.
A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when
triggered via the vcd2lxt conversion utility. (CVE-2023-37923)
- A stack-based buffer overflow vulnerability exists in the LXT2 lxt2_rd_expand_integer_to_bits function of
GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need
to open a malicious file to trigger this vulnerability. (CVE-2023-38583)
- Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave
3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
allocating the `rows` array. (CVE-2023-38618)
- Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave
3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
allocating the `msb` array. (CVE-2023-38619)
- Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave
3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
allocating the `lsb` array. (CVE-2023-38620)
- Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave
3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
allocating the `flags` array. (CVE-2023-38621)
- Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave
3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
allocating the `len` array. (CVE-2023-38622)
- Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave
3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a
malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
allocating the `vindex_offset` array. (CVE-2023-38623)
- Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression
functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A
victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
the out-of-bounds write perfomed by the prefix copy loop. (CVE-2023-38648)
- Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression
functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A
victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns
the out-of-bounds write perfomed by the string copy loop. (CVE-2023-38649)
- Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing
functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim
would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
integer overflow when num_time_ticks is not zero. (CVE-2023-38650)
- Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing
functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim
would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
integer overflow when num_time_ticks is zero. (CVE-2023-38651)
- Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing
functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim
would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
integer overflow when num_time_ticks is not zero. (CVE-2023-38652)
- Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing
functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim
would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
integer overflow when num_time_ticks is zero. (CVE-2023-38653)
- An out-of-bounds write vulnerability exists in the LXT2 zlib block decompression functionality of GTKWave
3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
a malicious file to trigger this vulnerability. (CVE-2023-38657)
- Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality
of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would
need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-
bounds write when looping over `lt->numrealfacs`. (CVE-2023-39234)
- Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality
of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would
need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-
bounds write when looping over `lt->num_time_ticks`. (CVE-2023-39235)
- Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave
3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
allocating the `rows` array. (CVE-2023-39270)
- Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave
3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
allocating the `msb` array. (CVE-2023-39271)
- Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave
3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
allocating the `lsb` array. (CVE-2023-39272)
- Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave
3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
allocating the `flags` array. (CVE-2023-39273)
- Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave
3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
allocating the `len` array. (CVE-2023-39274)
- Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave
3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
allocating the `value` array. (CVE-2023-39275)
- Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave
3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
allocating the `string_pointers` array. (CVE-2023-39316)
- Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave
3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open
a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when
allocating the `string_lens` array. (CVE-2023-39317)
- Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation
functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim
would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
integer underflow when performing the left shift operation. (CVE-2023-39413)
- Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation
functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim
would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the
integer underflow when performing the right shift operation. (CVE-2023-39414)
- Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A
specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious
file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the
prefix copy loop. (CVE-2023-39443)
- Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A
specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious
file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the
string copy loop. (CVE-2023-39444)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/gtkwave");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-32650");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-34087");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-34436");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35004");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35057");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35128");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35702");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35703");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35704");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35955");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35956");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35957");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35958");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35959");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35960");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35961");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35962");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35963");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35964");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35969");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35970");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35989");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35992");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35994");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35995");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35996");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-35997");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-36746");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-36747");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-36861");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-36864");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-36915");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-36916");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37282");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37416");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37417");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37418");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37419");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37420");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37442");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37443");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37444");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37445");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37446");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37447");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37573");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37574");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37575");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37576");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37577");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37578");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37921");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37922");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-37923");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38583");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38618");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38619");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38620");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38621");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38622");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38623");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38648");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38649");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38650");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38651");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38652");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38653");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-38657");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39234");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39235");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39270");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39271");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39272");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39273");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39274");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39275");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39316");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39317");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39413");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39414");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39443");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-39444");
script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/buster/gtkwave");
script_set_attribute(attribute:"solution", value:
"Upgrade the gtkwave packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-39444");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/01/08");
script_set_attribute(attribute:"patch_publication_date", value:"2024/04/09");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/04/10");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:gtkwave");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Debian Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include('debian_package.inc');
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
var debian_release = get_kb_item('Host/Debian/release');
if ( isnull(debian_release) ) audit(AUDIT_OS_NOT, 'Debian');
debian_release = chomp(debian_release);
if (! preg(pattern:"^(10)\.[0-9]+", string:debian_release)) audit(AUDIT_OS_NOT, 'Debian 10.0', 'Debian ' + debian_release);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);
var pkgs = [
{'release': '10.0', 'prefix': 'gtkwave', 'reference': '3.3.98+really3.3.118-0+deb10u1'}
];
var flag = 0;
foreach package_array ( pkgs ) {
var _release = NULL;
var prefix = NULL;
var reference = NULL;
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (_release && prefix && reference) {
if (deb_check(release:_release, prefix:prefix, reference:reference)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : deb_report_get()
);
exit(0);
}
else
{
var tested = deb_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gtkwave');
}
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32650
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34087
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34436
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35004
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35057
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35128
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35702
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35703
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35704
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35955
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35956
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35957
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35958
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35959
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35960
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35961
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35962
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35963
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35964
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35969
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35970
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35989
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35992
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35994
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35995
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35996
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35997
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36746
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36747
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36861
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36864
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36915
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36916
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37282
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37416
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37417
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37418
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37419
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37420
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37442
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37443
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37444
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37445
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37446
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37447
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37573
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37574
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37575
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37576
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37577
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37578
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37921
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37922
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37923
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38583
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38618
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38619
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38620
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38621
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38622
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38623
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38648
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38649
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38650
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38651
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38652
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38653
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38657
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39234
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39235
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39270
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39271
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39272
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39273
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39274
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39275
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39316
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39317
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39413
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39414
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39443
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39444
packages.debian.org/source/buster/gtkwave
security-tracker.debian.org/tracker/CVE-2023-32650
security-tracker.debian.org/tracker/CVE-2023-34087
security-tracker.debian.org/tracker/CVE-2023-34436
security-tracker.debian.org/tracker/CVE-2023-35004
security-tracker.debian.org/tracker/CVE-2023-35057
security-tracker.debian.org/tracker/CVE-2023-35128
security-tracker.debian.org/tracker/CVE-2023-35702
security-tracker.debian.org/tracker/CVE-2023-35703
security-tracker.debian.org/tracker/CVE-2023-35704
security-tracker.debian.org/tracker/CVE-2023-35955
security-tracker.debian.org/tracker/CVE-2023-35956
security-tracker.debian.org/tracker/CVE-2023-35957
security-tracker.debian.org/tracker/CVE-2023-35958
security-tracker.debian.org/tracker/CVE-2023-35959
security-tracker.debian.org/tracker/CVE-2023-35960
security-tracker.debian.org/tracker/CVE-2023-35961
security-tracker.debian.org/tracker/CVE-2023-35962
security-tracker.debian.org/tracker/CVE-2023-35963
security-tracker.debian.org/tracker/CVE-2023-35964
security-tracker.debian.org/tracker/CVE-2023-35969
security-tracker.debian.org/tracker/CVE-2023-35970
security-tracker.debian.org/tracker/CVE-2023-35989
security-tracker.debian.org/tracker/CVE-2023-35992
security-tracker.debian.org/tracker/CVE-2023-35994
security-tracker.debian.org/tracker/CVE-2023-35995
security-tracker.debian.org/tracker/CVE-2023-35996
security-tracker.debian.org/tracker/CVE-2023-35997
security-tracker.debian.org/tracker/CVE-2023-36746
security-tracker.debian.org/tracker/CVE-2023-36747
security-tracker.debian.org/tracker/CVE-2023-36861
security-tracker.debian.org/tracker/CVE-2023-36864
security-tracker.debian.org/tracker/CVE-2023-36915
security-tracker.debian.org/tracker/CVE-2023-36916
security-tracker.debian.org/tracker/CVE-2023-37282
security-tracker.debian.org/tracker/CVE-2023-37416
security-tracker.debian.org/tracker/CVE-2023-37417
security-tracker.debian.org/tracker/CVE-2023-37418
security-tracker.debian.org/tracker/CVE-2023-37419
security-tracker.debian.org/tracker/CVE-2023-37420
security-tracker.debian.org/tracker/CVE-2023-37442
security-tracker.debian.org/tracker/CVE-2023-37443
security-tracker.debian.org/tracker/CVE-2023-37444
security-tracker.debian.org/tracker/CVE-2023-37445
security-tracker.debian.org/tracker/CVE-2023-37446
security-tracker.debian.org/tracker/CVE-2023-37447
security-tracker.debian.org/tracker/CVE-2023-37573
security-tracker.debian.org/tracker/CVE-2023-37574
security-tracker.debian.org/tracker/CVE-2023-37575
security-tracker.debian.org/tracker/CVE-2023-37576
security-tracker.debian.org/tracker/CVE-2023-37577
security-tracker.debian.org/tracker/CVE-2023-37578
security-tracker.debian.org/tracker/CVE-2023-37921
security-tracker.debian.org/tracker/CVE-2023-37922
security-tracker.debian.org/tracker/CVE-2023-37923
security-tracker.debian.org/tracker/CVE-2023-38583
security-tracker.debian.org/tracker/CVE-2023-38618
security-tracker.debian.org/tracker/CVE-2023-38619
security-tracker.debian.org/tracker/CVE-2023-38620
security-tracker.debian.org/tracker/CVE-2023-38621
security-tracker.debian.org/tracker/CVE-2023-38622
security-tracker.debian.org/tracker/CVE-2023-38623
security-tracker.debian.org/tracker/CVE-2023-38648
security-tracker.debian.org/tracker/CVE-2023-38649
security-tracker.debian.org/tracker/CVE-2023-38650
security-tracker.debian.org/tracker/CVE-2023-38651
security-tracker.debian.org/tracker/CVE-2023-38652
security-tracker.debian.org/tracker/CVE-2023-38653
security-tracker.debian.org/tracker/CVE-2023-38657
security-tracker.debian.org/tracker/CVE-2023-39234
security-tracker.debian.org/tracker/CVE-2023-39235
security-tracker.debian.org/tracker/CVE-2023-39270
security-tracker.debian.org/tracker/CVE-2023-39271
security-tracker.debian.org/tracker/CVE-2023-39272
security-tracker.debian.org/tracker/CVE-2023-39273
security-tracker.debian.org/tracker/CVE-2023-39274
security-tracker.debian.org/tracker/CVE-2023-39275
security-tracker.debian.org/tracker/CVE-2023-39316
security-tracker.debian.org/tracker/CVE-2023-39317
security-tracker.debian.org/tracker/CVE-2023-39413
security-tracker.debian.org/tracker/CVE-2023-39414
security-tracker.debian.org/tracker/CVE-2023-39443
security-tracker.debian.org/tracker/CVE-2023-39444
security-tracker.debian.org/tracker/source-package/gtkwave
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
33.6%