CVE-2023-37574: 
NixOS vulnerability analysis and mitigation

Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities. This vulnerability specifically concerns the use-after-free when triggered via the GUI's legacy VCD parsing code (Talos, NVD).

The vulnerability is classified as CWE-416 (Use After Free) with a CVSS v3.1 Base Score of 7.8 HIGH (Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). The issue occurs in the VCD get_vartoken realloc functionality where a use-after-free condition can be triggered when processing specially crafted .vcd files. The vulnerability specifically affects the GUI's legacy VCD parsing code and can be triggered by using the -L flag when starting GTKWave (Talos).

The vulnerability can lead to arbitrary code execution when a specially crafted .vcd file is opened by a victim. The high CVSS score indicates potential severe impacts on confidentiality, integrity, and availability of the affected system (Talos).

The vulnerability has been fixed in GTKWave version 3.3.118. Users are recommended to upgrade to this version or later. The fix has been included in various distribution updates, including Debian 10 (buster) version 3.3.98+really3.3.118-0+deb10u1 (Debian LTS).