VYPR
Unrated severityNVD Advisory· Published Mar 19, 2020· Updated Aug 5, 2024

CVE-2019-14874

CVE-2019-14874

Description

In the __i2b function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access of _ x[0] will trigger a null pointer dereference bug in case of a memory allocation failure.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • GNU/Libcllm-fuzzy
    Range: <3.3.0
  • Red Hat/newlibv5
    Range: all newlib versions prior to 3.3.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.