CNNVD-202601-706 Information

CNNVD ID

CNNVD-202601-706

Related CVE

CVE-2025-67268

• CNNVD Published: 2026-01-02

Description (Chinese)

gpsd是gpsd开源的一款用于接收GPS数据的守护程序。 gpsd dc966aa之前版本存在安全漏洞，该漏洞源于drivers/driver_nmea2000.c文件中存在基于堆的越界写入，可能导致内存损坏、拒绝服务和执行任意代码。

Description (English)

gpsd is a daemon for gpsd open source to receive GPS data. The previous version of gpsd dc966aa had a security loophole, which stemmed from the presence of stack-based cross-border entries in the drivers/driver nmea2000.c document, which could lead to memory damage, denial of services and enforcement of arbitrary codes.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

gpsd

Published

2026-01-02

Last Modified

2026-02-24

References

https://github.com/Jaenact/gspd_cve/blob/main/CVE-2025-67268/README.md https://github.com/ntpsec/gpsd/blob/master/drivers/driver_nmea2000.c https://github.com/ntpsec/gpsd/commit/dc966aa74c075d0a6535811d98628625cbfbe3f4