Insufficient Parameter Validation in QNX Neutrino Kernel by BlackBerry
CVE-2026-0515

6.2MEDIUM

What is CVE-2026-0515?

The QNX Neutrino kernel suffers from a vulnerability due to insufficient parameter validation in the SchedGet() system call. This flaw could potentially give an attacker with local access the ability to crash the kernel, thereby affecting system stability and performance. It highlights the critical need for thorough input validation to ensure secure operation within the kernel.

Affected Version(s)

QNX OS for Medical 2.0.2 and earlier

QNX OS for Medical cpe:2.3:o:blackberry:qnx_os_for_medical:2.0:2:*:*:*:*:*:*

QNX OS for Safety 2.2.8 and earlier

References

CVSS V3.1

Score:
6.2
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.