vulnerability
Red Hat: CVE-2025-67269: gpsd: gpsd: Denial of Service due to malformed NAVCOM packet parsing (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Jan 2, 2026 | Jan 20, 2026 | Jan 20, 2026 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Jan 2, 2026
Added
Jan 20, 2026
Modified
Jan 20, 2026
Description
A flaw was found in gpsd. A remote attacker can exploit this vulnerability by sending a specially crafted NAVCOM packet. When parsing the packet, an error in calculating the payload length can cause the system to attempt to process an extremely large amount of data. This leads to excessive CPU utilization, resulting in a Denial of Service (DoS) condition where the system becomes unresponsive.
Solutions
redhat-upgrade-gpsdredhat-upgrade-gpsd-clientsredhat-upgrade-gpsd-clients-debuginforedhat-upgrade-gpsd-debuginforedhat-upgrade-gpsd-debugsourceredhat-upgrade-gpsd-minimalredhat-upgrade-gpsd-minimal-clientsredhat-upgrade-gpsd-minimal-clients-debuginforedhat-upgrade-gpsd-minimal-debuginforedhat-upgrade-gpsd-minimal-debugsourceredhat-upgrade-python3-gpsdredhat-upgrade-python3-gpsd-debuginfo
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.