CVE-2018-17937

Summary

gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code on embedded platforms via traffic on Port 2947/TCP or crafted JSON inputs.

Affected Software

VendorProductVersion RangeStatus
ICS-CERTgpsd and microjson (Open Source Project)gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3affected

Weaknesses

  • CWE-121: STACK-BASED BUFFER OVERFLOW CWE-121

ADP Enrichment

CVE Program Container

Additional References

References