CISA Urges Beware of BlackBerry (QNX RTOS) Vulnerabilities – 17th Aug 2021

Preface: BlackBerry OS was discontinued after the release of BlackBerry 10. BlackBerry 10 is based on QNX, a Unix-like operating system that was originally developed by QNX Software Systems until the company was acquired by BlackBerry in April 2010. It supports the application framework Qt (version 4.8) and in some later models features an Android runtime to run Android applications.

Background: The runtime library is that library that is automatically compiled in for any C program you run. The version of the library you would use depends on your compiler, platform, debugging options, and multithreading options.

The calloc() in C is a function used to allocate multiple blocks of memory having the same size. It is a dynamic memory allocation function that allocates the memory space to complex data structures such as arrays and structures and returns a void pointer to the memory.

The free() function frees the memory space pointed to by ptr, which must have been returned by a previous call to malloc(), calloc() or realloc(). Otherwise, or if free(ptr) has already been called before, undefined behavior occurs.

Vulnerability details : An integer overflow vulnerability in the calloc() function of the C runtime library in affected versions of the BlackBerry QNX Software Development Platform (SDP)version 6.5.0SP1 and earlier, QNX OS for Medical 1.1 and earlier, and QNX OS for Safety1.0.1 earlier that could potentially allow a successful attacker to perform a denial of service orexecute arbitrary code. BlackBerry is not aware of any exploitation of this vulnerability. For more details, please refer to the link below for reference.

Official announcement: https://support.blackberry.com/kb/articleDetail?articleNumber=000082334

CISA alert: https://us-cert.cisa.gov/ncas/alerts/aa21-229a

Headline News: https://www.zdnet.com/article/cisa-releases-alert-on-badalloc-vulnerability-in-blackberry-products/

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.