CVE-2023-39414

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Jan 8, 2024

Updated: Apr 9, 2024

CWE ID 191

Summary

CVE-2023-39414 is a newly identified vulnerability affecting GTKWave version 3.3.115. Multiple integer underflow issues exist within the LXT2 lxt2_rd_iter_radix shift operation functionality. A maliciously crafted .lxt2 file can trigger memory corruption, necessitating a user to open a malicious file to exploit this vulnerability. The root cause is an integer underflow during the right shift operation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sLddG3
https://www.cve.org/CVERecord?id=CVE-2023-39414
https://nvd.nist.gov/vuln/detail/CVE-2023-39414

Back to Vulnerability Database

CVE-2023-39414

CVSS 3.1 Score 7.3 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations