GTKWave integer overflow vulnerability (CNVD-2024-39039)

GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. GTKWave suffers from an integer overflow vulnerability that can be exploited by an attacker to cause memory corruption using specially crafted .lxt2 files...

PT-2024-12792 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: The issue is related to multiple integer overflow vulnerabilities in the LXT2 facgeometry parsing functionality. A specially crafted .lxt2 file can lead to arbitrary code execution when opened by a victim...