CVE 6.2 MEDIUM

Vulnerability in the QNX Neutrino Kernel impacts the QNX Software Development Platform and QNX OS for Safety_CVE-2025-8090

January 13, 2026 invoker category_cve
6.2 / 10
MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Description

A null pointer dereference vulnerability in the MsgRegisterEvent() system call of the QNX Neutrino Kernel in QNX SDP 7.1 and 7.0, and QNX OS for Safety 2.2, 2.1 and 2.0 could potentially allow an attacker with local access and code execution abilities, to crash the QNX Neutrino kernel.

Basic Information

ID CVE-2025-8090
Source blackberry
Published Jan 13, 2026 at 16:36
Modified Jan 13, 2026 at 17:10

Affected Product

Vendor BlackBerry Ltd
Product QNX Software Development Platform
Version 7.1
Affected Versions BlackBerry Ltd QNX Software Development Platform 7.1
BlackBerry Ltd QNX Software Development Platform cpe:2.3:a:blackberry:qnx_software_development_platform:7.1:*:*:*:*:*:*:*
BlackBerry Ltd QNX Software Development Platform 7.0
BlackBerry Ltd QNX Software Development Platform cpe:2.3:a:blackberry:qnx_software_development_platform:7.0:*:*:*:*:*:*:*
BlackBerry Ltd QNX OS for Safety 2.2.7 and earlier
BlackBerry Ltd QNX OS for Safety 2.1.4 and earlier
BlackBerry Ltd QNX OS for Safety 2.0.2 and earlier
BlackBerry Ltd QNX OS for Safety cpe:2.3:o:blackberry:qnx_os_for_safety:2.2:*:*:*:*:*:*:*
BlackBerry Ltd QNX OS for Safety cpe:2.3:o:blackberry:qnx_os_for_safety:2.1:*:*:*:*:*:*:*
BlackBerry Ltd QNX OS for Safety cpe:2.3:o:blackberry:qnx_os_for_safety:2.0:*:*:*:*:*:*:*
BlackBerry Ltd QNX OS for Safety cpe:2.3:o:blackberry:qnx_os_for_medical:2.0:*:*:*:*:*:*:*

CWE Classification

CWE-476

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.