PT-2026-1057 · Gpsd+4

Published 2025-01-01 · Updated 2026-01-30 · CVE-2025-67268

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

gpsd versions prior to commit dc966aa

Description

The software contains a heap-based out-of-bounds write in the drivers/driver_nmea2000.c file. The hnd_129540 function, which processes NMEA2000 PGN 129540 packets (GNSS Satellites in View), does not properly validate the user-supplied satellite count against the size of the skyview array (184 elements). An attacker can supply a satellite count of up to 255, causing writes beyond the end of the array. The result is memory corruption, leading to Denial of Service (DoS) and potentially arbitrary code execution.

Recommendations

Update gpsd to commit dc966aa or a later version.
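The class of check the description says was missing, as an added example (not gpsd's code and not the upstream patch): a one-byte satellite count is validated against both the 184-element destination array and the bytes actually received before anything is written. The struct definitions, function names, header length and 12-byte record layout are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define SKYVIEW_MAX 184   /* skyview array size given in the advisory */
#define MAX_CLAIMED 255   /* largest count a one-byte field can carry */
#define HDR_LEN     3     /* assumed header; count in the third byte */
#define REC_LEN     12    /* assumed bytes per satellite record */

struct sat { uint8_t prn; int16_t elev; uint16_t azim; };      /* hypothetical */
struct sky { int visible; struct sat skyview[SKYVIEW_MAX]; };  /* hypothetical */

/* Returns the number of satellites stored, or -1 if the packet is rejected. */
int parse_sats_in_view(const uint8_t *buf, size_t len, struct sky *out)
{
    if (buf == NULL || out == NULL || len < HDR_LEN)
        return -1;
    size_t count = buf[2];                  /* untrusted: 0..255 */
    if (count > SKYVIEW_MAX)                /* bound on writes into skyview[] */
        return -1;
    if (len - HDR_LEN < count * REC_LEN)    /* bound on reads from the payload */
        return -1;
    memset(out, 0, sizeof(*out));
    for (size_t i = 0; i < count; i++) {
        const uint8_t *r = buf + HDR_LEN + i * REC_LEN;
        out->skyview[i].prn  = r[0];
        out->skyview[i].elev = (int16_t)(uint16_t)(r[1] | (r[2] << 8));
        out->skyview[i].azim = (uint16_t)(r[3] | (r[4] << 8));
    }
    out->visible = (int)count;
    return (int)count;
}

/* Constructed sample input: zero-filled packet claiming `count` satellites. */
int demo_parse(uint8_t count, size_t len)
{
    static uint8_t pkt[HDR_LEN + MAX_CLAIMED * REC_LEN];
    struct sky sky;
    memset(pkt, 0, sizeof(pkt));
    pkt[2] = count;
    return parse_sats_in_view(pkt, len > sizeof(pkt) ? sizeof(pkt) : len, &sky);
}

int main(void)
{
    printf("184 -> %d\n", demo_parse(184, HDR_LEN + 184 * REC_LEN));
    printf("185 -> %d\n", demo_parse(185, HDR_LEN + 255 * REC_LEN));
    return 0;
}
```

Rejecting the packet outright, rather than clamping the count to 184, keeps a malformed message from being half-parsed into the sky view.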

Exploit

Fix

DoS

Heap Based Buffer Overflow

Weakness Enumeration

Related Identifiers

ALSA-2026:0770
ALSA-2026:0771
BDU:2026-06690
CVE-2025-67268
MGASA-2026-0028
OPENSUSE-SU-2026:10008-1
RHSA-2026:0770
RHSA-2026:0771
RHSA-2026:1621
USN-7948-1

Affected Products

Debian
Linuxmint
Rocky Linux
Ubuntu
Gpsd