CVE-2025-8090: Vulnerability in the QNX Neutrino Kernel impacts the QNX Software Development Platform and QNX OS for Safety
Published Jan 13, 2026
·Updated
Null pointer dereference in the MsgRegisterEvent() system call could allow an attacker with local access and code execution abilities to crash the QNX Neutrino kernel.
Affected Software
3 affected components
BlackBerry QNX Neutrino Kernel
BlackBerry QNX Software Development Platform
BlackBerry QNX OS for Safety
Event History
Jan 13, 2026
CVE Published
via MITRE·04:36 PM
Data Sourced
via MITRE·04:36 PM
DescriptionSeverityWeakness
Data Sourced
via NVD·05:15 PM
DescriptionSeverityWeakness
Frequently Asked Questions
1
What is the severity of CVE-2025-8090?
CVE-2025-8090 is classified as a high severity vulnerability due to its potential impact on system reliability and integrity.
2
How do I fix CVE-2025-8090?
To remediate CVE-2025-8090, update the QNX Neutrino Kernel to the latest patch provided by BlackBerry.
3
What systems are affected by CVE-2025-8090?
CVE-2025-8090 affects QNX SDP versions 7.0 and 7.1, as well as QNX OS for Safety versions 2.0 to 2.2.
4
What does the null pointer dereference vulnerability in CVE-2025-8090 entail?
The null pointer dereference vulnerability in CVE-2025-8090 could lead to application crashes or undefined behaviors in the affected QNX environments.
5
When was CVE-2025-8090 disclosed?
CVE-2025-8090 was disclosed in 2025, highlighting a critical issue within the QNX Neutrino Kernel.