CVE-2025-67269: n/a
An integer underflow vulnerability exists in the `nextstate()` function in `gpsd/packet.c` of gpsd versions prior to commit `ffa1d6f40bca0b035fc7f5e563160ebb67199da7`. When parsing a NAVCOM packet, the payload length is calculated using `lexer->length = (size_t)c - 4` without checking if the input byte `c` is less than 4. This results in an unsigned integer underflow, setting `lexer->length` to a very large value (near `SIZE_MAX`). The parser then enters a loop attempting to consume this massive number of bytes, causing 100% CPU utilization and a Denial of Service (DoS) condition.
AI Analysis
Technical Summary
CVE-2025-67269 is an integer underflow vulnerability identified in the gpsd project's NAVCOM packet parser, specifically within the `nextstate()` function in `gpsd/packet.c`. The vulnerability arises because the code calculates the payload length as `lexer->length = (size_t)c - 4` without verifying that the input byte `c` is at least 4. If `c` is less than 4, this subtraction underflows, causing `lexer->length` to wrap around to a very large unsigned integer value near `SIZE_MAX`. Subsequently, the parser attempts to consume this enormous number of bytes in a loop, leading to 100% CPU utilization and effectively causing a Denial of Service (DoS) condition. This flaw affects all gpsd versions prior to the commit `ffa1d6f40bca0b035fc7f5e563160ebb67199da7`, which presumably contains the fix. The vulnerability does not require authentication or user interaction, making it easier to exploit remotely if an attacker can send crafted NAVCOM packets to a gpsd instance. No public exploits have been reported yet, but the nature of the flaw indicates a straightforward attack vector. The gpsd daemon is widely used in Linux-based systems to interface with GPS hardware and parse GPS data, often in embedded systems, transportation, maritime, and aviation sectors. The vulnerability could disrupt GPS data availability, impacting dependent applications and services.
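The wraparound described above, shown as an added example that is not gpsd's code: a toy lexer performs the same `(size_t)c - 4` computation next to a guarded form and counts how many following stream bytes each one swallows. The names `toy_lexer`, `start_unchecked`, `start_checked` and `feed` are hypothetical, and the guard is an assumed illustration, not the contents of the fix commit.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define LEN_OVERHEAD 4u /* the literal 4 from the advisory */

/* Toy lexer (hypothetical): models only the payload length counter. */
struct toy_lexer { size_t length; bool in_payload; };

/* Unchecked form from the advisory: wraps to near SIZE_MAX for c < 4. */
static void start_unchecked(struct toy_lexer *lx, unsigned char c)
{
    lx->length = (size_t)c - LEN_OVERHEAD;
    lx->in_payload = true;
}

/* Assumed guard (not the upstream patch): reject before subtracting. */
static bool start_checked(struct toy_lexer *lx, unsigned char c)
{
    lx->length = 0;
    lx->in_payload = (c >= LEN_OVERHEAD);
    if (lx->in_payload)
        lx->length = (size_t)c - LEN_OVERHEAD;
    return lx->in_payload;
}

/* Feed n stream bytes; return how many the payload state swallows. */
static size_t feed(struct toy_lexer *lx, size_t n)
{
    size_t used = 0;
    while (lx->in_payload && lx->length > 0 && used < n) {
        lx->length--;
        used++;
    }
    if (lx->length == 0)
        lx->in_payload = false; /* payload complete, back to ground state */
    return used;
}

int main(void)
{
    const unsigned char samples[] = { 0x00, 0x03, 0x04, 0x10 }; /* constructed */
    for (size_t i = 0; i < sizeof samples; i++) {
        struct toy_lexer a, b;
        start_unchecked(&a, samples[i]);
        bool ok = start_checked(&b, samples[i]);
        printf("c=0x%02x unchecked length=%zu | checked: %s, swallows %zu of 1000\n",
               samples[i], a.length, ok ? "accept" : "reject", feed(&b, 1000));
    }
    return 0;
}
```

With the unchecked form, a length byte of 3 leaves the counter at `SIZE_MAX`, so every byte that follows is treated as payload and the lexer never returns to its ground state.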
Potential Impact
For European organizations, the impact of CVE-2025-67269 can be significant, particularly for those relying on gpsd for GPS data parsing in critical infrastructure such as transportation, maritime navigation, aviation, and telecommunications. Successful exploitation leads to a Denial of Service by exhausting CPU resources, potentially causing gpsd to become unresponsive or crash. This disruption can affect real-time location tracking, fleet management, timing synchronization, and other GPS-dependent services. In sectors like shipping and aviation, where GPS data integrity and availability are crucial for safety and operational efficiency, such outages could lead to operational delays, safety risks, and financial losses. Additionally, embedded systems in industrial control or smart city deployments using gpsd could experience degraded performance or failure, impacting broader service availability. Although no data confidentiality or integrity compromise is indicated, the availability impact alone is critical. The lack of authentication requirements means attackers could exploit this vulnerability remotely if gpsd is exposed or reachable over a network, increasing the threat surface for European organizations.
Mitigation Recommendations
To mitigate CVE-2025-67269, European organizations should prioritize updating gpsd to the fixed version that includes the commit ffa1d6f40bca0b035fc7f5e563160ebb67199da7 or later. If immediate patching is not possible, organizations should implement network-level controls to restrict access to gpsd services, such as firewall rules limiting incoming connections to trusted hosts only. Additionally, deploying input validation and sanity checks on incoming NAVCOM packets can prevent malformed packets from triggering the underflow. Monitoring CPU usage and setting resource limits on gpsd processes can help detect and contain potential DoS attempts. For embedded or specialized systems where patching is challenging, consider isolating gpsd instances or using application-layer proxies to filter suspicious GPS data. Finally, organizations should maintain up-to-date inventories of systems running gpsd and assess exposure to untrusted networks to reduce attack vectors.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Norway, Sweden, Finland
Technical Details
- Data Version: 5.2
- Assigner Short Name: mitre
- Date Reserved: 2025-12-08T00:00:00.000Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 6957eb35db813ff03ef3559e
Added to database: 1/2/2026, 3:58:45 PM
Last enriched: 1/2/2026, 4:15:35 PM
Last updated: 1/7/2026, 4:12:39 AM