6 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-38650
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple integer overflow vulnerabilities exist in the VZT vztrdblockvchdecode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can...
CVE-2023-38650
Multiple integer overflow vulnerabilities exist in the VZT vztrdblockvchdecode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the...
CVE-2023-38650
CVE-2023-38650 affects GTKWave up to versions around 3.3.118 where the VZT modelo parser (vzt_rd_block_vch_decode) can overflow when num_time_ticks is non-zero, leading to memory corruption after opening a malicious .vzt file. Public advisories indicate multiple vendor stacks (Debian, Fedora) hav...
CVE-2023-38650
Multiple integer overflow vulnerabilities exist in the VZT vztrdblockvchdecode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the...
CVE-2023-38650
Multiple integer overflow vulnerabilities exist in the VZT vztrdblockvchdecode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the...
GTKWave VZT vzt_rd_block_vch_decode times parsing integer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1814 GTKWave VZT vztrdblockvchdecode times parsing integer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-38651,CVE-2023-38650 SUMMARY Multiple integer overflow vulnerabilities exist in the VZT vztrdblockvchdecode times parsing functionality of...