Vulnerabilities > CVE-2023-43628 - Integer Underflow (Wrap or Wraparound) vulnerability in Gpsd Project Gpsd 3.25.1

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

gpsd-project

CWE-191

NVD

Published: 2023-12-05

Updated: 2023-12-11

Summary

An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1~dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Gpsd_Project Gpsd Project Gpsd 3.25.1	1

Common Weakness Enumeration (CWE)

CWE-191 - Integer Underflow (Wrap or Wraparound)

References

https://talosintelligence.com/vulnerability_reports/TALOS-2023-1860