CVE-2021-32025

Name of the Vulnerable Software and Affected Versions QNX Software Development Platform versions 6.4.0 through 7.0 QNX Momentics versions 6.3.x QNX OS for Safety versions 1.0.0 through 1.0.2 QNX OS for Safety versions 2.0.0 through 2.0.1 QNX for Medical versions 1.0.0 through 1.1.1 QNX OS for Medical version 2.0.0

Description The issue is related to an elevation of privilege vulnerability in the QNX Neutrino Kernel, which could allow an attacker to access data, modify behavior, or permanently crash the system. This vulnerability is associated with errors in privilege management.

Recommendations For QNX Software Development Platform versions 6.4.0 through 7.0, update to a version that includes a fix for the elevation of privilege vulnerability. For QNX Momentics versions 6.3.x, update to a version that includes a fix for the elevation of privilege vulnerability. For QNX OS for Safety versions 1.0.0 through 1.0.2, update to a version that includes a fix for the elevation of privilege vulnerability. For QNX OS for Safety versions 2.0.0 through 2.0.1, update to a version that includes a fix for the elevation of privilege vulnerability. For QNX for Medical versions 1.0.0 through 1.1.1, update to a version that includes a fix for the elevation of privilege vulnerability. For QNX OS for Medical version 2.0.0, update to a version that includes a fix for the elevation of privilege vulnerability.