CVE-2018-17174

Name of the Vulnerable Software and Affected Versions nmealib version 0.5.3

Description A stack-based buffer overflow was discovered in the nmealib library, specifically in the nmea parse() function in parser.c. This issue allows an attacker to trigger denial of service, and potentially arbitrary code execution in certain contexts, by providing malformed data to a product that uses this library.

Recommendations For version 0.5.3, consider restricting the use of the nmea parse() function until a patch is available to prevent potential exploitation. Additionally, ensure that all data parsed by this function is thoroughly validated to minimize the risk of denial of service or arbitrary code execution.