Bug 958717 (CVE-2013-2038)

Summary: gpsd: DoS (packet parser crash) in the NMEA0183 driver when processing malformed packet
Product: [Other] Security Response Reporter: Jan Lieskovsky <jlieskov>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED UPSTREAM QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: jrusnack, mlichvar, oe, silfreed
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: gpsd-3.9 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-06-10 11:00:36 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 958719    
Bug Blocks:    

Description Jan Lieskovsky 2013-05-02 09:44:56 UTC 
A denial of service flaw was found in the way NMEA0183 driver packet parser of gpsd, a service daemon for mediating access to a GPS, processed certain malformed packets. A remote attacker could provide a specially-crafted device input that, when processed would lead to gpsd's packet parser crash (gpsd daemon termination).

References:
[1] http://lists.nongnu.org/archive/html/gpsd-dev/2013-05/msg00000.html

Relevant upstream patch:
[2] http://git.savannah.gnu.org/cgit/gpsd.git/commit/?id=dd9c3c2830cb8f8fd8491ce68c82698dc5538f50
Comment 1 Jan Lieskovsky 2013-05-02 09:50:18 UTC 
This issue affects the versions of the gpsd package, as shipped with Fedora release of 17 and 18. Please schedule an update.
Comment 2 Jan Lieskovsky 2013-05-02 09:50:54 UTC 
Created gpsd tracking bugs for this issue

Affects: fedora-all [bug 958719]
Comment 3 Jan Lieskovsky 2013-05-02 10:00:08 UTC 
CVE Request:
  http://www.openwall.com/lists/oss-security/2013/05/02/7
Comment 4 Kurt Seifried 2013-05-03 06:35:34 UTC 
Assigned CVE as per http://seclists.org/oss-sec/2013/q2/268
Comment 5 Oden Eriksson 2013-05-07 07:01:55 UTC 
Jan, please see:

https://bugs.mageia.org/show_bug.cgi?id=9969#c2
Comment 6 Jan Lieskovsky 2013-05-07 08:30:02 UTC 
Together with the DoS in NMEA driver, upstream corrected also one potential crash in AIS driver:
  http://openwall.com/lists/oss-security/2013/05/03/3

Relevant upstream patch:
  http://git.savannah.gnu.org/cgit/gpsd.git/commit/?id=08edc49d8f63c75bfdfb480b083b0d960310f94f
Comment 7 Jan Lieskovsky 2013-05-07 08:46:14 UTC 
(In reply to comment #5)
> Jan, please see:
> 
> https://bugs.mageia.org/show_bug.cgi?id=9969#c2

Thanks, Oden. Replied.
Comment 8 Jan Lieskovsky 2013-05-09 14:20:31 UTC 
Eric clarified the problem was in NMEA0183:
  http://openwall.com/lists/oss-security/2013/05/08/1
Comment 9 Fedora Update System 2013-05-29 00:53:19 UTC 
gpsd-3.9-1.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 10 Fedora Update System 2013-05-29 01:00:35 UTC 
gpsd-3.9-1.fc18 has been pushed to the Fedora 18 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 11 Product Security DevOps Team 2019-06-10 11:00:36 UTC 
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.