Home
HIGH: 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HDefault status
unaffected
7.1
affected
cpe:2.3:a:blackberry:qnx_software_development_platform:7.1:*:*:*:*:*:*:* (cpe)
affected
7.0
affected
cpe:2.3:a:blackberry:qnx_software_development_platform:7.0:*:*:*:*:*:*:* (cpe)
affected
Default status
unaffected
2.2.8 and earlier
affected
cpe:2.3:o:blackberry:qnx_os_for_safety:2.2:8:*:*:*:*:*:* (cpe)
affected
2.1.5 and earlier
affected
cpe:2.3:o:blackberry:qnx_os_for_safety:2.1:5:*:*:*:*:*:* (cpe)
affected
2.0.3 and earlier
affected
cpe:2.3:o:blackberry:qnx_os_for_safety:2.0:3:*:*:*:*:*:* (cpe)
affected
Default status
unaffected
2.0.2 and earlier
affected
cpe:2.3:o:blackberry:qnx_os_for_medical:2.0:2:*:*:*:*:*:* (cpe)
affected
Description
Buffer Overflow in the entry handler of the TraceEvent() system call could allow an attacker with local access to cause information disclosure, data tampering or a crash of the QNX Neutrino kernel.
Problem types
CWE-121 Stack-based buffer overflow
Product status
7.1
cpe:2.3:a:blackberry:qnx_software_development_platform:7.1:*:*:*:*:*:*:* (cpe)
7.0
cpe:2.3:a:blackberry:qnx_software_development_platform:7.0:*:*:*:*:*:*:* (cpe)
2.2.8 and earlier
cpe:2.3:o:blackberry:qnx_os_for_safety:2.2:8:*:*:*:*:*:* (cpe)
2.1.5 and earlier
cpe:2.3:o:blackberry:qnx_os_for_safety:2.1:5:*:*:*:*:*:* (cpe)
2.0.3 and earlier
cpe:2.3:o:blackberry:qnx_os_for_safety:2.0:3:*:*:*:*:*:* (cpe)
2.0.2 and earlier
cpe:2.3:o:blackberry:qnx_os_for_medical:2.0:2:*:*:*:*:*:* (cpe)
References
support.blackberry.com/pkb/s/article/141213