rpm package
almalinux/gpsd
pkg:rpm/almalinux/gpsd
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-67269 | — | < 1:3.26.1-1.el10_1.1 | 1:3.26.1-1.el10_1.1 | Jan 2, 2026 | An integer underflow vulnerability exists in the `nextstate()` function in `gpsd/packet.c` of gpsd versions prior to commit `ffa1d6f40bca0b035fc7f5e563160ebb67199da7`. When parsing a NAVCOM packet, the payload length is calculated using `lexer->length = (size_t)c - 4` without che | ||
| CVE-2025-67268 | — | < 1:3.26.1-1.el10_1.1 | 1:3.26.1-1.el10_1.1 | Jan 2, 2026 | gpsd before commit dc966aa contains a heap-based out-of-bounds write vulnerability in the drivers/driver_nmea2000.c file. The hnd_129540 function, which handles NMEA2000 PGN 129540 (GNSS Satellites in View) packets, fails to validate the user-supplied satellite count against the |
- CVE-2025-67269Jan 2, 2026affected < 1:3.26.1-1.el10_1.1fixed 1:3.26.1-1.el10_1.1
An integer underflow vulnerability exists in the `nextstate()` function in `gpsd/packet.c` of gpsd versions prior to commit `ffa1d6f40bca0b035fc7f5e563160ebb67199da7`. When parsing a NAVCOM packet, the payload length is calculated using `lexer->length = (size_t)c - 4` without che
- CVE-2025-67268Jan 2, 2026affected < 1:3.26.1-1.el10_1.1fixed 1:3.26.1-1.el10_1.1
gpsd before commit dc966aa contains a heap-based out-of-bounds write vulnerability in the drivers/driver_nmea2000.c file. The hnd_129540 function, which handles NMEA2000 PGN 129540 (GNSS Satellites in View) packets, fails to validate the user-supplied satellite count against the