CVE-2025-67269 – An integer underflow vulnerability in gpsd's NA... (How to Fix)

Q: What is the severity of CVE-2025-67269?

CVE-2025-67269 has a CVSS score of 7.5 (HIGH). An integer underflow vulnerability in gpsd's NAVCOM packet parser causes a denial of service condition. When processing malicious packets, the parser enters an infinite loop consuming 100% CPU, rendering the service unavailable. This affects all systems running vulnerable versions of gpsd.

📋 TL;DR

An integer underflow vulnerability in gpsd's NAVCOM packet parser causes a denial of service condition. When processing malicious packets, the parser enters an infinite loop consuming 100% CPU, rendering the service unavailable. This affects all systems running vulnerable versions of gpsd.

💻 Affected Systems

Products:

gpsd

Versions: All versions prior to commit ffa1d6f40bca0b035fc7f5e563160ebb67199da7

Operating Systems: Linux, Unix-like systems

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerable when gpsd is configured to parse NAVCOM packets from untrusted sources.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete service outage with 100% CPU utilization, requiring manual intervention to restore functionality.

🟠

Likely Case

Denial of service affecting GPS data processing services, potentially disrupting dependent applications.

🟢

If Mitigated

Limited impact if proper network segmentation and input validation are in place.

🌐 Internet-Facing: MEDIUM - Requires gpsd to be exposed to untrusted networks and receive malicious NAVCOM packets.

🏢 Internal Only: LOW - Internal networks typically have controlled traffic, reducing exposure to malicious packets.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires sending a specially crafted NAVCOM packet to the vulnerable service.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Commit ffa1d6f40bca0b035fc7f5e563160ebb67199da7 or later

Vendor Advisory: https://gitlab.com/gpsd/gpsd/-/commit/ffa1d6f40bca0b035fc7f5e563160ebb67199da7

Restart Required: Yes

Instructions:

1. Update gpsd to the latest version from the official repository. 2. Apply commit ffa1d6f40bca0b035fc7f5e563160ebb67199da7 if using source. 3. Restart the gpsd service.

🔧 Temporary Workarounds

Network Filtering

linux

Block or filter NAVCOM packets from untrusted sources using firewall rules.

iptables -A INPUT -p udp --dport 2947 -m string --hex-string '|4e4156434f4d|' --algo bm -j DROP

🧯 If You Can't Patch

Implement strict network segmentation to isolate gpsd from untrusted networks.
Monitor CPU usage of gpsd processes and implement automated restart on high utilization.

🔍 How to Verify

Check if Vulnerable:

Check gpsd version or commit hash against the vulnerable range.

Check Version:

gpsd --version

Verify Fix Applied:

Verify the applied commit includes ffa1d6f40bca0b035fc7f5e563160ebb67199da7.

📡 Detection & Monitoring

Log Indicators:

High CPU usage alerts
Service restart logs
Unusual packet parsing errors

Network Indicators:

NAVCOM packets with malformed length fields

SIEM Query:

process.name:"gpsd" AND cpu.usage:>90

📊 Metadata

CVE ID: CVE-2025-67269

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-191

Published: January 2, 2026

Last Updated: February 5, 2026

🤖 AI-assisted analysis, reviewed for accuracy

🔗 References

https://github.com/Jaenact/gspd_cve/blob/main/CVE-2025-67269/README.md Exploit,Third Party Advisory
https://gitlab.com/gpsd/gpsd Product
https://gitlab.com/gpsd/gpsd/-/commit/ffa1d6f40bca0b035fc7f5e563160ebb67199da7 Patch

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-67269, you might also want to check these: