Lucene search
TalosCVELIST:CVE-2023-43628HistoryDec 05, 2023 - 11:35 a.m.
CVE-2023-43628
2023-12-0511:35:01
CWE-191
talos
www.cve.org
5
integer underflow
ntrip stream parsing
memory corruption
network packet
malicious packet
security vulnerability
gpsd 3.25.1~dev
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
13.2%
An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1~dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this vulnerability.
CNA Affected
[
{
"vendor": "GPSd",
"product": "GPSd",
"versions": [
{
"version": "3.25.1~dev",
"status": "affected"
}
]
}
]Related
cve
cve
CVE-2023-43628
2023-12-05 12:15:43
prion
prion
Integer overflow
2023-12-05 12:15:00
redhatcve
redhatcve
CVE-2023-43628
2023-12-05 14:43:21
ubuntucve
ubuntucve
CVE-2023-43628
2023-12-05 00:00:00
debiancve
debiancve
CVE-2023-43628
2023-12-05 12:15:43
talos
talos
GPSd NTRIP Stream Parsing access violation vulnerability
2023-12-05 00:00:00
nvd
nvd
CVE-2023-43628
2023-12-05 12:15:43
talosblog
talosblog
Remote code execution vulnerabilities found in Buildroot, Foxit PDF Reader
2023-12-06 18:33:06
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
13.2%
Related for CVELIST:CVE-2023-43628