6.2

CVE-2025-8090

Vulnerability in the QNX Neutrino Kernel impacts the QNX Software Development Platform and QNX OS for Safety

Null pointer dereference in the MsgRegisterEvent() system call could allow an attacker with local access and code execution abilities to crash the QNX Neutrino kernel.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerBlackBerry Ltd
Produkt QNX Software Development Platform
Default Statusunaffected
Version 7.1 and 7.0
Status affected
Version cpe:2.3:a:blackberry:qnx_software_development_platform:7.1:*:*:*:*:*:*:*
Status affected
Version cpe:2.3:a:blackberry:qnx_software_development_platform:7.0:*:*:*:*:*:*:*
Status affected
HerstellerBlackBerry Ltd
Produkt QNX OS for Safety
Default Statusunaffected
Version 2.2.7 and earlier
Status affected
Version cpe:2.3:o:blackberry:qnx_os_for_safety:2.2:7:*:*:*:*:*:*
Status affected
Version 2.1.4 and earlier
Status affected
Version cpe:2.3:o:blackberry:qnx_os_for_safety:2.1:4:*:*:*:*:*:*
Status affected
Version 2.0.2 and earlier
Status affected
Version cpe:2.3:o:blackberry:qnx_os_for_safety:2.0:2:*:*:*:*:*:*
Status affected
HerstellerBlackBerry Ltd.
Produkt QNX OS for Medical
Default Statusunaffected
Version 2.0.1 and earlier
Status affected
Version cpe:2.3:o:blackberry:qnx_os_for_medical:2.0:1:*:*:*:*:*:*
Status affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.03% 0.083
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
secure@blackberry.com 6.2 2.5 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.