支持与服务
概述
客户培训
技术支持
咨询项目
汽车电子

Home
Support

Knowledge Base

BSPs and drivers
Community resources
Product documentation
Questions?
Contact us

QNX Software Development Platform 6.5.0: LD_DEBUG_OUTPUT Security Vulnerability Patch [Patch ID 2324]
 
________________________________________________________________________

Applicable Environment
________________________________________________________________________
  • Topic: Development - security patch
  • SDP: 6.5.0
  • Target: Any supported target
________________________________________________________________________

Solution
________________________________________________________________________

The following Security Vulnerability Patch is now generally available via the download center:

QNX Software Development Platform 6.5.0: LD_DEBUG_OUTPUT Security Vulnerability Patch [Patch ID 2324]

http://www.qnx.com/download/feature.html?programid=22026

This patch addresses a potential security vulnerability with the LD_DEBUG_OUTPUT environment variable that could have been exploited to form a security attack. You can use LD_DEBUG_OUTPUT to specify the name of the file where the dynamic linker writes its output. This could be exploited in different ways, including creating new files in arbitrary locations.

________________________________________________________________________
NOTE: This entry has been validated against the SDP version listed above. Use caution when considering this advice for any other SDP version. For supported releases, please reach out to QNX Technical Support if you have any questions/concerns.
________________________________________________________________________


Related Attachments
 None Found





Please contact us with your questions or concerns.