BadAlloc Vulnerability Affecting Devices Incorporating Older BlackBerry QNX Products

Original release date: August 17, 2021CISA released an Alert today on devices incorporating older versions of multiple BlackBerry QNX products affected by a BadAlloc vulnerability. A malicious actor could exploit this vulnerability to take control of an affected system or cause a denial-of-service condition.  Because devices incorporating older versions of BlackBerry QNX products support critical infrastructure and national critical functions, CISA is strongly urging all organizations whose devices use affected QNX-based systems to immediately apply the mitigations provided in CISA...