Buffer Overflow in BlackBerry QNX Neutrino RTOS Affecting Users
CVE-2013-2688

Currently unrated

Key Information:

Vendor: Blackberry
Status: Qnx Software Development Platform; Qnx Neutrino Rtos
Vendor: CVE Published:; 12 July 2013

What is CVE-2013-2688?

A buffer overflow vulnerability exists in the phrelay component of BlackBerry QNX Neutrino RTOS, impacting versions up to 6.5.0 SP1. This flaw can be exploited by remote attackers who send specially crafted packets to TCP port 4868. The improper handling of the /dev/photon device file allows for potential application crashes and may enable remote code execution, posing significant risks for affected systems.

References

http://aluigi.altervista.org/adv/qnxph_1-adv.txt

x_refsource_MISC

http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01

x_refsource_MISC

http://www.qnx.com/download/feature.html?programid=24850

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 12, 2013

Blackberry

What is CVE-2013-2688?

References

Timeline