An integer overflow vulnerability in the calloc() function of the C runtime library in BlackBerry® QNX Software Development Platform (SDP) version 6.5.0SP1 and previous versions, QNX OS for Medical 1.1 and previous versions, and QNX OS for Safety 1.0.1 and previous versions could allow a malicious user to perform a denial of service or execute arbitrary code.

| Vulnerable Product |
|---|
| blackberry qnx software development platform |
| blackberry qnx software development platform 6.5.0 |
| blackberry qnx os for medical |
| blackberry qnx os for safety |

Four months after Microsoft went public, ex-RIM biz puts its hand up

BlackBerry this week issued a critical security advisory for past versions of its QNX Real Time Operating System (RTOS), used in more than 175m cars, medical equipment, and industrial systems. BlackBerry QNX Software Development Platform (SDP) version 6.5.0SP1 and earlier, QNX OS for Medical 1.1 and earlier, and QNX OS for Safety 1.0.1 are affected by an integer overflow vulnerability in the calloc() function of the C runtime library. The flaw, identified as CVE-2021-22156 with a CVSS (severity)...