Your message dated Sun, 10 Dec 2023 16:35:17 +0100
with message-id <[email protected]>
and subject line Re: Bug#1057667: gpsd: CVE-2023-43628
has caused the Debian Bug report #1057667,
regarding gpsd: CVE-2023-43628
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1057667: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057667
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: gpsd
Version: 3.25-2
Severity: important
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>

Hi,

The following vulnerability was published for gpsd.

CVE-2023-43628[0]:
| An integer underflow vulnerability exists in the NTRIP Stream
| Parsing functionality of GPSd 3.25.1~dev. A specially crafted
| network packet can lead to memory corruption. An attacker can send a
| malicious packet to trigger this vulnerability.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-43628
    https://www.cve.org/CVERecord?id=CVE-2023-43628
[1] https://talosintelligence.com/vulnerability_reports/TALOS-2023-1860

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.6-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

--- End Message ---
--- Begin Message ---
Hi Boian,

On Sun, Dec 10, 2023 at 08:51:30AM +0100, Salvatore Bonaccorso wrote:
> Hi Boian,
> 
> On Sun, Dec 10, 2023 at 01:10:01AM +0200, Boian Bonev wrote:
> > Hi,
> > 
> > That report states that the bug affects 3.25.1~dev. There is no such gpsd
> > release.
> > 
> > I did check with upstream - that is a development git tree. And the problem 
> > is
> > already fixed and will not affect the next gpsd version (supposedly 3.26)
> > 
> > 3.25-2 in Debian is also not affected.
> > 
> > I'd suggest closing this bug.
> 
> Thanks for the input on the bugreport. Note we cannot generally just
> trust version informations. But your comment let me look again at the
> issue.
> 
> If I'm not mistaken, the fixing commit is
> https://gitlab.com/gpsd/gpsd/-/commit/3e5c6c28c422102dd453e31912e1e79d1f7ff7f2
> . But this is not 100% assessed, but looks to be valid following the
> issue description from the TALOS report. I was so far unable to
> reprdouce with a "fake" TRIP caster. Form the sourround code the issue
> might still only be introduced with
> 
> https://gitlab.com/gpsd/gpsd/-/commit/6ccd477f5e21a45f6c52a21ad323c93e59aa2461
> https://gitlab.com/gpsd/gpsd/-/commit/c1c1c2706c4f5b9bf3be437d0a8f0106ef00c5e7
> 
> We need to be able to assess is this ist the correct deduction. If so
> then you are correct, and it won't affect even the version in
> unstable.
> 
> gpsd Maintainers, had you already a chance to look closer at the
> issue?

Went again trough the TALOS report, and the issue seems related as
above involving the lexer_getline.

Regards,
Salvatore

--- End Message ---

Reply via email to