Description
JS8Call through 2.3.1 and JS8Call-improved before 3.0 have a stack-based buffer overflow via a radio transmission of @APRSIS GRID followed by a long Maidenhead locator. This occurs in grid2deg in APRSISClient.cpp.
Published: 2026-05-01
Score: 10 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A stack-based buffer overflow exists in JS8Call and JS8Call-improved as a result of handling radio transmissions that begin with the @APRSIS GRID prefix followed by an excessively long Maidenhead locator. When the grid2deg function copies this data without proper bounds checking, the stack is corrupted, enabling an attacker to execute arbitrary code, crash the application, or cause a denial‑of‑service. This vulnerability is categorized as CWE‑121.

Affected Systems

All releases of JS8Call up to and including version 2.3.1 and all releases of JS8Call‑improved preceding version 3.0 are impacted. The affected vendors are JS8Call and JS8Call‑improved as distributed through their respective release channels.

Risk and Exploitability

The CVSS score of 10 indicates a critical severity. Though a recent EPSS figure is not available, the lack of a KEV listing suggests no known exploit yet, but the well‑known nature of stack overflows makes exploitation likely through the radio interface. The attack can be performed remotely by an adversary transmitting a crafted APRSIS GRID packet, which could lead to remote code execution or denial of service on the target station.

Generated by OpenCVE AI on May 1, 2026 at 23:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest patch or upgrade to JS8Call version 2.3.2 or later, or JS8Call‑improved version 3.0 or later, as released by the vendor.
  • If an upgrade is not immediately possible, reconfigure the application or use a radio filtering mechanism to reject APRSIS GRID packets that contain overly long Maidenhead locators, thereby preventing the buffer overflow.
  • As an interim measure, isolate or limit the radio interface to trusted sources, or deploy a firewall to block unsolicited APRSIS GRID transmissions from untrusted nodes.

Generated by OpenCVE AI on May 1, 2026 at 23:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 02 May 2026 00:00:00 +0000

Type Values Removed Values Added
Title Stack-Based Buffer Overflow in JS8Call via APRSIS Transmission

Fri, 01 May 2026 22:45:00 +0000

Type Values Removed Values Added
References

Fri, 01 May 2026 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 01 May 2026 07:45:00 +0000

Type Values Removed Values Added
Description JS8Call through 2.3.1 and JS8Call-improved before 3.0 have a stack-based buffer overflow via a radio transmission of @APRSIS GRID followed by a long Maidenhead locator. This occurs in grid2deg in APRSISClient.cpp. JS8Call through 2.3.1 and JS8Call-improved before 3.0 have a stack-based buffer overflow via a radio transmission of @APRSIS GRID followed by a long Maidenhead locator. This occurs in grid2deg in APRSISClient.cpp.

Fri, 01 May 2026 07:00:00 +0000

Type Values Removed Values Added
Description JS8Call through 2.3.1 and JS8Call-improved before 3.0 have a stack-based buffer overflow via a radio transmission of @APRSIS GRID followed by a long Maidenhead locator. This occurs in grid2deg in APRSISClient.cpp.
Weaknesses CWE-121
References
Metrics cvssV4_0

{'score': 10, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:P/AU:Y/R:U/V:D/RE:M/U:Green'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-05-01T22:10:45.285Z

Reserved: 2026-05-01T06:42:18.918Z

Link: CVE-2026-42996

cve-icon Vulnrichment

Updated: 2026-05-01T13:24:29.761Z

cve-icon NVD

Status : Deferred

Published: 2026-05-01T07:15:59.787

Modified: 2026-05-01T23:16:18.233

Link: CVE-2026-42996

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-02T00:00:14Z

Weaknesses