VULHUB ™

It has been reported that the QNX RTOS 'int10' utility exhibits behaviour suggesting a buffer overflow condition. When argumented with excessively long filename parameters, 'int10' reportedly crashes due to an access violation. This often occurs when an overrun condition corrupts a pointer, such as a function return address. If the crash is due to a buffer overrun, the condition may be exploited by local attackers to gain root privileges.

It has been reported that the QNX RTOS 'int10' utility exhibits behaviour suggesting a buffer overflow condition. When argumented with excessively long filename parameters, 'int10' reportedly crashes due to an access violation. This often occurs when an overrun condition corrupts a pointer, such as a function return address. If the crash is due to a buffer overrun, the condition may be exploited by local attackers to gain root privileges.