CISA Warns Of BaldAlloc Security Flaws Affecting Critical Infrastructure

According to CISA, security flaws known as BaldAlloc are affecting BlackBerry's QNX Real Time Operating System (RTOS) that is used by critical infrastructure organizations. BaldAlloc vulnerabilities are caused by memory allocation Integer Overflow or Wraparound bugs. According to Microsoft's researchers, those bugs are present in standard memory allocation functions widely used in multiple real-time operating systems (RTOS), C standard library (libc) implementations, and embedded software development kits (SDKs). Read more...