CVE-2021-22156
Summary
| CVE | CVE-2021-22156 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-08-17 19:15:00 UTC |
| Updated | 2021-08-30 11:26:00 UTC |
| Description | An integer overflow vulnerability in the calloc() function of the C runtime library of affected versions of BlackBerry® QNX Software Development Platform (SDP) version(s) 6.5.0SP1 and earlier, QNX OS for Medical 1.1 and earlier, and QNX OS for Safety 1.0.1 and earlier that could allow an attacker to potentially perform a denial of service or execute arbitrary code. |
Risk And Classification
Problem Types: CWE-190
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Blackberry | Qnx Os For Medical | All | All | All | All |
| Operating System | Blackberry | Qnx Os For Safety | All | All | All | All |
| Application | Blackberry | Qnx Software Development Platform | All | All | All | All |
| Application | Blackberry | Qnx Software Development Platform | 6.5.0 | - | All | All |
| Application | Blackberry | Qnx Software Development Platform | 6.5.0 | sp1 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| BlackBerry QNX-2021-001 Vulnerability Affecting Cisco Products: August 2021 | CISCO | tools.cisco.com | |
| QNX-2021-001 Vulnerability in the C Runtime Library Impacts BlackBerry QNX Software Development Platform (SDP), QNX OS for Medical, and QNX OS for Safety | MISC | support.blackberry.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.