Buffer Overflow in QNX Neutrino Kernel by BlackBerry
CVE-2026-4017
7.4HIGH
What is CVE-2026-4017?
A significant buffer overflow vulnerability exists in the entry handler of the TraceEvent() system call in the QNX Neutrino kernel. This flaw permits an attacker with local access to exploit the system, potentially leading to unauthorized information disclosure, tampering of data, or a complete crash of the kernel. Addressing this vulnerability is essential for maintaining system integrity and preventing exploitation.
Affected Version(s)
QNX OS for Medical 2.0.2 and earlier
QNX OS for Medical cpe:2.3:o:blackberry:qnx_os_for_medical:2.0:2:*:*:*:*:*:*
QNX OS for Safety 2.2.8 and earlier
