VYPR

rpm package

opensuse/gpsd&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/gpsd&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2025-67269Jan 2, 2026
    affected < 3.27.3-1.1fixed 3.27.3-1.1

    An integer underflow vulnerability exists in the `nextstate()` function in `gpsd/packet.c` of gpsd versions prior to commit `ffa1d6f40bca0b035fc7f5e563160ebb67199da7`. When parsing a NAVCOM packet, the payload length is calculated using `lexer->length = (size_t)c - 4` without che

  • CVE-2025-67268Jan 2, 2026
    affected < 3.27.3-1.1fixed 3.27.3-1.1

    gpsd before commit dc966aa contains a heap-based out-of-bounds write vulnerability in the drivers/driver_nmea2000.c file. The hnd_129540 function, which handles NMEA2000 PGN 129540 (GNSS Satellites in View) packets, fails to validate the user-supplied satellite count against the