Unrated severityNVD Advisory· Published Aug 17, 2021· Updated Aug 22, 2025

CVE-2021-22156

Description

An integer overflow vulnerability in the calloc() function of the C runtime library of affected versions of BlackBerry® QNX Software Development Platform (SDP) version(s) 6.5.0SP1 and earlier, QNX OS for Medical 1.1 and earlier, and QNX OS for Safety 1.0.1 and earlier that could allow an attacker to potentially perform a denial of service or execute arbitrary code.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Blackberry/QNX OS for Medicalllm-create
Range: <=1.1
Blackberry/QNX OS for Safetyllm-create
Range: <=1.0.1
Blackberry/Qnx Software Development Platformllm-fuzzy2 versions
<=6.5.0SP1+ 1 more
- (no CPE)range: <=6.5.0SP1
- (no CPE)range: QNX SDP 6.5.0 SP1 and earlier

Patches

Vulnerability mechanics

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-qnx-TOxjVPdLmitrevendor-advisoryx_refsource_CISCO
support.blackberry.com/kb/articleDetailmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000