Primary

Context

QNX SDP PCX Image Codec NULL Pointer Dereference Vulnerability Allowing Denial-of-Service

Vulnerability

Patched

A NULL pointer dereference vulnerability has been identified in the PCX image codec of QNX Software Development Platform (SDP) versions 8.0, 7.1, and 7.0. This vulnerability could allow an unauthenticated attacker to induce a denial-of-service condition in the process utilizing the image codec by forcing the system to parse a maliciously crafted PCX format image file.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition in the context of the process using the image codec.

Remediation

QNX has released updates for the affected PCX image codec in QNX SDP 8.0, 7.1, and 7.0. These updates are available through the QNX Software Center. QNX recommends that all affected customers install these updates as soon as possible.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

4.7

remediation

8.3

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

4.7

remediation

8.3

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

QNX SDP PCX Image Codec NULL Pointer Dereference Vulnerability Allowing Denial-of-Service

Vulnerability

Impact

Remediation

Affected Products

BlackBerry QNX SDP

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating