NULL Pointer Dereference in IP Socket Options Processing Could Lead to Denial-of-Service
CVE-2024-35215

6.2MEDIUM

Key Information:

Vendor: Blackberry
Status: Qnx Software Development Platform (sdp)
Vendor: CVE Published:; 8 October 2024

What is CVE-2024-35215?

NULL pointer dereference in IP socket options processing of the Networking Stack in QNX Software Development Platform (SDP) version(s) 7.1 and 7.0 could allow an attacker with local access to cause a denial-of-service condition in the context of the Networking Stack process.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

QNX Software Development Platform (SDP) 7.0 <= 7.1

References

https://support.blackberry.com/pkb/s/article/140162

CVSS V3.1

Score:

6.2

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 8, 2024
Vulnerability Reserved
May 13, 2024

JSON

Blackberry

What is CVE-2024-35215?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.