Description
TOCTOU Race Condition in specific trace commands of the TraceEvent() system call could allow an attacker with local access and with the PROCMGR_AID_TRACE ability, to cause information disclosure, data tampering or a crash of the QNX Neutrino kernel.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
| Link | Providers |
|---|---|
| https://support.blackberry.com/pkb/s/article/141213 |
|
History
Tue, 14 Jul 2026 19:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Blackberry
Blackberry qnx Os For Medical Blackberry qnx Os For Safety Blackberry qnx Software Development Platform |
|
| Vendors & Products |
Blackberry
Blackberry qnx Os For Medical Blackberry qnx Os For Safety Blackberry qnx Software Development Platform |
Tue, 14 Jul 2026 17:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | TOCTOU Race Condition in specific trace commands of the TraceEvent() system call could allow an attacker with local access and with the PROCMGR_AID_TRACE ability, to cause information disclosure, data tampering or a crash of the QNX Neutrino kernel. | |
| Title | TOCTOU race condition in the QNX Neutrino kernel impacts versions of the QNX Software Development Platform and QNX OS for Safety | |
| Weaknesses | CWE-367 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: blackberry
Published:
Updated: 2026-07-14T17:34:01.952Z
Reserved: 2026-03-11T19:24:46.531Z
Link: CVE-2026-4018
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-14T18:45:04Z
Weaknesses