VYPR
Vendor

newlib

Products
1
CVEs
10
Across products
10
Status
Private

Products

1

Recent CVEs

10
  • CVE-2024-30949CriAug 20, 2024
    risk 0.64cvss 9.8epss 0.01

    An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the _gettimeofday function.

  • CVE-2021-3420CriMar 5, 2021
    risk 0.64cvss 9.8epss 0.02

    A flaw was found in newlib in versions prior to 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nano_memalign, nano_valloc, nano_pvalloc could case an integer overflow, leading to an allocation of a small buffer and then to a heap-based…

  • CVE-2019-14878MedMar 19, 2020
    risk 0.42cvss 6.5epss 0.01

    In the __d2b function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. Accessing _x will trigger a null pointer…

  • CVE-2019-14877MedMar 19, 2020
    risk 0.42cvss 6.5epss 0.01

    In the __mdiff function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate big integers, however no check is performed to verify if the allocation succeeded or not. The access to _wds and _sign will trigger a null…

  • CVE-2019-14876MedMar 19, 2020
    risk 0.42cvss 6.5epss 0.01

    In the __lshift function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access to b1 will trigger a null pointer…

  • CVE-2019-14875MedMar 19, 2020
    risk 0.42cvss 6.5epss 0.01

    In the __multiply function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access of _x[0] will trigger a null…

  • CVE-2019-14874MedMar 19, 2020
    risk 0.42cvss 6.5epss 0.01

    In the __i2b function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access of _ x[0] will trigger a null pointer…

  • CVE-2019-14873MedMar 19, 2020
    risk 0.42cvss 6.5epss 0.01

    In the __multadd function of the newlib libc library, prior to versions 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. This will trigger a null pointer dereference bug…

  • CVE-2019-14872MedMar 19, 2020
    risk 0.42cvss 6.5epss 0.01

    The _dtoa_r function of the newlib libc library, prior to version 3.3.0, performs multiple memory allocations without checking their return value. This could result in NULL pointer dereference.

  • CVE-2019-14871MedMar 18, 2020
    risk 0.42cvss 6.5epss 0.01

    The REENT_CHECK macro (see newlib/libc/include/sys/reent.h) as used by REENT_CHECK_TM, REENT_CHECK_MISC, REENT_CHECK_MP and other newlib macros in versions prior to 3.3.0, does not check for memory allocation problems when the DEBUG flag is unset (as is the case in production…