CVE-2023-35989

Name of the Vulnerable Software and Affected Versions GTKWave version 3.3.115

Description An integer overflow issue exists in the LXT2 zlib block allocation functionality. This can be triggered by a specially crafted .lxt2 file, potentially leading to arbitrary code execution. A victim would need to open a malicious file to exploit this issue.

Recommendations For GTKWave version 3.3.115, consider avoiding the use of .lxt2 files from untrusted sources until a patch is available. As a temporary workaround, restrict the opening of .lxt2 files to minimize the risk of exploitation.