We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the GUI's interactive VCD parsing code.
Reserved 2023-07-05 | Published 2024-01-08 | Updated 2024-09-04 | Assigner talosDiscovered by Claudio Bozzato of Cisco Talos.
talosintelligence.com/vulnerability_reports/TALOS-2023-1804
lists.debian.org/debian-lts-announce/2024/04/msg00007.html
Support options