VYPR
Unrated severityNVD Advisory· Published Mar 19, 2020· Updated Aug 5, 2024

CVE-2019-14877

CVE-2019-14877

Description

In the __mdiff function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate big integers, however no check is performed to verify if the allocation succeeded or not. The access to _wds and _sign will trigger a null pointer dereference bug in case of a memory allocation failure.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • GNU/Libcllm-fuzzy
    Range: <3.3.0
  • Red Hat/newlibv5
    Range: all newlib versions prior to 3.3.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.