Ubuntu alert USN-7948-1 (gpsd)
| From: | noreply+usn-bot@canonical.com | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-7948-1] GPSd vulnerabilities | |
| Date: | Thu, 08 Jan 2026 14:54:43 +0000 | |
| Message-ID: | <E1vdrPP-0008Tc-Do@lists.ubuntu.com> |
========================================================================== Ubuntu Security Notice USN-7948-1 January 08, 2026 gpsd vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 25.04 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Several security issues were fixed in GPSd. Software Description: - gpsd: Global Positioning System Details: It was discovered that GPSd incorrectly handled processing NMEA2000 packets. An attacker could use this issue to cause GPSd to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-67268) It was discovered that GPSd incorrectly handled processing NAVCOM packets. An attacker could possibly use this issue to cause GPSd to consume resources, resulting in a denial of service. (CVE-2025-67269) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 gpsd 3.25-5ubuntu1.25.10.1 libgps30t64 3.25-5ubuntu1.25.10.1 Ubuntu 25.04 gpsd 3.25-5ubuntu1.25.04.1 libgps30t64 3.25-5ubuntu1.25.04.1 Ubuntu 24.04 LTS gpsd 3.25-3ubuntu3.2 libgps30t64 3.25-3ubuntu3.2 Ubuntu 22.04 LTS gpsd 3.22-4ubuntu2.1 libgps28 3.22-4ubuntu2.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7948-1 CVE-2025-67268, CVE-2025-67269 Package Information: https://launchpad.net/ubuntu/+source/gpsd/3.25-5ubuntu1.2... https://launchpad.net/ubuntu/+source/gpsd/3.25-5ubuntu1.2... https://launchpad.net/ubuntu/+source/gpsd/3.25-3ubuntu3.2 https://launchpad.net/ubuntu/+source/gpsd/3.22-4ubuntu2.1
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmlfxSYACgkQcpJm3tlz hgGgCg/7BMo0QGRrUGzvR2viApBX4abtT32X10kR4SLDlNuiIdvbXZNJbQ4ZcdE/ QiQbKtSeL1RRdYq0//30NZqhUWT6UsBYiW26EXTvmn4wg/Q8qizQiNPANX7GcVCG oBBcK1oqmF7I+aq55Hmpcs4b0IWzejetY9BmB/DNPFTCkyWceVudMirl2O1gx3C8 /8LMT9dXIdn4U4qgiSKkOM7MsSsQrXxSE3c9bOoEXISJuYyjyWwJ7fkoX5LWYWJc hEtuJAbwiU5C+jGPuLqc6I/u7m4vwLNSGdf8Kp3elHwB4IVFOv2b0gYIaQMLMm7l kNvjabDtHUPaXeyYqqJxjcjVCWDiRDqPSQYAAvcmK4iOv/BFYZTzAaS/Dx3l0Epl MoyrSssh8krsKzhuNAoU+6nS9wIGeXmX4kyrfBUQ38OXsI/tzSZ81Q5JZcYbqu+A Olh3HGzA+FvoZ+FRNnBsNWV0NjXAc7URu/xm5T7aWbCM3vaZbSHbbpEVA2MapD2K ic5/DH/WmE5OBhGdPg9HK4cgaHV+dYVxeoRuS75MAUpBaEfH4V9Y6BJaj37s73Kf GCuU2s/74bAUXt+a8cflIJZ2uDaNp9BmFcGfziG0Y5Fq1pSsg62afbE9Di9IlTG0 3eb0Lh0i8AMRkk8zyHcS5lpueCcLBBNl/Ta+hNDx1/dXZXfjiAg= =Kgw0 -----END PGP SIGNATURE-----