An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1~dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this vulnerability.
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gpsd | Gpsd_project | 3.25.1-dev (including) | 3.25.1-dev (including) |
Gpsd | Ubuntu | bionic | * |
Gpsd | Ubuntu | trusty | * |
Gpsd | Ubuntu | xenial | * |