gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code on embedded platforms via traffic on Port 2947/TCP or crafted JSON inputs.
[
{
"product": "gpsd and microjson (Open Source Project)",
"vendor": "ICS-CERT",
"versions": [
{
"status": "affected",
"version": "gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3"
}
]
}
]