Description
/bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows local users to obtain sensitive information from core dump files by sending the SIGSERV (invalid memory reference) signal.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by badc0ded · textlocallinux
https://www.exploit-db.com/exploits/21502
References (3)
Core 3
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/4914
Third Party Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/9256.php
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=102312549511726&w=2
Scores
EPSS
0.0038
EPSS Percentile
59.4%
Details
Status
published
Products (2)
qnx/rtos
4.25
qnx/rtos
6.1.0
Published
Dec 31, 2002
Tracked Since
Feb 18, 2026