TOCTOU Race Condition in QNX Neutrino Kernel by BlackBerry
CVE-2026-4018

6.4MEDIUM

What is CVE-2026-4018?

The QNX Neutrino kernel has a vulnerability that occurs due to a Time-of-Check to Time-of-Use (TOCTOU) race condition in specific trace commands of the TraceEvent() system call. This flaw allows an attacker with local access and the PROCMGR_AID_TRACE ability to exploit this condition, possibly leading to unauthorized information disclosure, manipulation of data, or even causing a crash of the kernel. Immediate attention is recommended for users operating affected versions of the QNX Neutrino system.

Affected Version(s)

QNX OS for Medical 2.0.2 and earlier

QNX OS for Medical cpe:2.3:o:blackberry:qnx_os_for_medical:2.0:2:*:*:*:*:*:*

QNX OS for Safety 2.2.8 and earlier

References

CVSS V3.1

Score:
6.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.