Astra Linux - уязвимость в gpsd

There is an integer underflow vulnerability in the nextstate function in gpsd/packet.c in gpsd versions prior to the commit ffa1d6f40bca0b035fc7f5e563160ebb67199da7. When parsing a NAVCOM packet, the payload length is calculated using lexer-length = sizetc - 4, without checking whether the input...

Advisory ROSA-SA-2026-3228

software: gpsd 3.21 WASP: ROSA-CHROME unaffected versions = gpsd-3.21-5 affected versions gpsd-3.21-5 CVE-ID: CVE-2025-67268 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: Vulnerability in gpsd before commit dc966aa: in drivers/drivernmea2000.c, function hnd129540 handling PGN 129540 - GNSS Satellite...

OESA-2026-1642 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: fs/xattr: missing fdput in fremovexattr error path In the Linux kernel, the fremovexattr syscall calls fdget to acquire a file reference but returns early withou...

OSV-2026-359 Segv on unknown address in gpsd_vlog

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=490142464 Crash type: Segv on unknown address Crash state: gpsdvlog gpsdlog processGSV...

OSV-2026-307 Global-buffer-overflow in navcom_parse

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=486709178 Crash type: Global-buffer-overflow READ 1 Crash state: navcomparse gpsdpoll FuzzDrivers.c...

OSV-2026-240 Use-of-uninitialized-value in packet_get1

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=483928517 Crash type: Use-of-uninitialized-value Crash state: packetget1 gpsdpoll FuzzDrivers.c...

OSV-2026-226 UNKNOWN WRITE in decode_xa2_00

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=482909898 Crash type: UNKNOWN WRITE Crash state: decodexa200 tsipparseinput gpsdpoll...

OSV-2026-212 UNKNOWN READ in gpsd_poll

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=482617785 Crash type: UNKNOWN READ Crash state: gpsdpoll FuzzDriversStructured.c...

OSV-2026-205 UNKNOWN READ in gpsd_poll

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=481932457 Crash type: UNKNOWN READ Crash state: gpsdpoll FuzzDrivers.c...

RHSA-2026:1621 Red Hat Security Advisory: gpsd security update

Bulletin has no description...

Important: Red Hat Security Advisory: gpsd security update

An update for gpsd is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RHEL 10 : gpsd (RHSA-2026:1621)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1621 advisory. gpsd is a service daemon that mediates access to a GPS sensor connected to the host computer by serial or USB interface, making its data on the...

OSV-2026-167 Use-of-uninitialized-value in aivdm_analyze

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=479564939 Crash type: Use-of-uninitialized-value Crash state: aivdmanalyze gpsdpoll FuzzDrivers.c...

Photon OS 5.0: Gpsd PHSA-2026-5.0-0738

An update of the gpsd package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0738. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Gpsd PHSA-2026-4.0-0947

An update of the gpsd package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-0947. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Gpsd PHSA-2026-4.0-0948

An update of the gpsd package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-0948. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Gpsd PHSA-2026-5.0-0737

An update of the gpsd package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0737. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Mageia: Security Advisory (MGASA-2026-0028)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OSV-2026-156 Segv on unknown address in aivdm_analyze

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=478021379 Crash type: Segv on unknown address Crash state: aivdmanalyze gpsdpoll FuzzDrivers.c...

AlmaLinux 9 : gpsd-minimal (ALSA-2026:0771)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:0771 advisory. gpsd: gpsd: Denial of Service due to malformed NAVCOM packet parsing CVE-2025-67269 gpsd: gpsd: Arbitrary code execution via heap-based out-of-bounds writ...