The NMEA0183 driver in gpsd prior to 3.9 allows remote malicious users to cause a denial of service (daemon termination) and possibly execute arbitrary code via a GPS packet with a malformed $GPGGA interpreted sentence that lacks certain fields and a terminator. NOTE: a separate issue in the AIS driver was also reported, but it might not be a vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
canonical ubuntu linux 12.04 |
||
gpsd project gpsd 3.7 |
||
gpsd project gpsd 3.5 |
||
gpsd project gpsd 3.1 |
||
gpsd project gpsd 3.2 |
||
gpsd project gpsd 3.4 |
||
gpsd project gpsd 3.6 |
||
gpsd project gpsd |
||
gpsd project gpsd 3.3 |
||
gpsd project gpsd 3.0 |