Yo All! gpsd version 3.27.1 is released. As expected, someone tested 3.27 just after it was released, and found 2 bugs, that are now CVE's. The bugs are not new, so users of older versions should also update.
The CVE's are still under embargo, but the fixes are in 3.27.1.
The first is a heap overflow when parsing a malicious NMEA2000 packet
from a canbus interface.
The second is is an integer overflow, leading to a DoS, when parsing
a malicious NovAtel message.
To trigger the bugs, a malicious user needs to be able to send specially
crafted packets in place of the normal data from your GPS receiver.
If someone can do that, you are already pwned, but we don't want them
to be able to make things worse. Thus the bug fixes.
As always, this release will put a hold on major changes to gpsd until
the people that do not test until .1's have tested this.
Nothing changed to require new API, ABI or shared library
versions
The news file::
3.27.1: 17-Dec-2025
Fixes for two CVE. Parsing failures on malicious packets.
CVE-2025-67268 - Heap-based Out-of-bounds Write, NMEA2000
CVE-2025-67269 - Integer Underflow, NovAtel
Some ubxtool updates.
Apologies to those with MR stuck behind this release. I hope to
get to them soon.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
[email protected] Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can't measure it, you can't improve it." - Lord Kelvin
pgpibqn6KcrUv.pgp
Description: OpenPGP digital signature
