Search CVE reports
1 – 10 of 11 results
CVE-2024-30949
Medium priorityAn issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the _gettimeofday function.
1 affected package
newlib
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
newlib | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-3420
Medium priorityA flaw was found in newlib in versions prior to 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nano_memalign, nano_valloc, nano_pvalloc could case an integer overflow, leading to an...
2 affected packages
gcc-snapshot, newlib
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gcc-snapshot | Not affected | Ignored | Ignored | Not affected | Not affected |
newlib | Vulnerable | Ignored | Ignored | Vulnerable | Vulnerable |
CVE-2019-14878
Medium priorityIn the __d2b function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not....
2 affected packages
gcc-snapshot, newlib
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gcc-snapshot | Not affected | Ignored | Ignored | Not affected | Not affected |
newlib | Not affected | Ignored | Ignored | Vulnerable | Vulnerable |
CVE-2019-14877
Medium priorityIn the __mdiff function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate big integers, however no check is performed to verify if the allocation succeeded or not....
2 affected packages
gcc-snapshot, newlib
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gcc-snapshot | Not affected | Ignored | Ignored | Not affected | Not affected |
newlib | Not affected | Ignored | Ignored | Vulnerable | Vulnerable |
CVE-2019-14876
Medium priorityIn the __lshift function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or...
2 affected packages
gcc-snapshot, newlib
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gcc-snapshot | Not affected | Ignored | Ignored | Not affected | Not affected |
newlib | Not affected | Ignored | Ignored | Vulnerable | Vulnerable |
CVE-2019-14875
Medium priorityIn the __multiply function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or...
2 affected packages
gcc-snapshot, newlib
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gcc-snapshot | Not affected | Ignored | Ignored | Not affected | Not affected |
newlib | Not affected | Ignored | Ignored | Vulnerable | Vulnerable |
CVE-2019-14874
Medium priorityIn the __i2b function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not....
2 affected packages
gcc-snapshot, newlib
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gcc-snapshot | Not affected | Ignored | Ignored | Not affected | Not affected |
newlib | Not affected | Ignored | Ignored | Vulnerable | Vulnerable |
CVE-2019-14873
Medium priorityIn the __multadd function of the newlib libc library, prior to versions 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not....
2 affected packages
gcc-snapshot, newlib
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gcc-snapshot | Not affected | Ignored | Ignored | Not affected | Not affected |
newlib | Not affected | Ignored | Ignored | Vulnerable | Vulnerable |
CVE-2019-14872
Medium priorityThe _dtoa_r function of the newlib libc library, prior to version 3.3.0, performs multiple memory allocations without checking their return value. This could result in NULL pointer dereference.
2 affected packages
gcc-snapshot, newlib
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gcc-snapshot | Not affected | Ignored | Ignored | Not affected | Not affected |
newlib | Not affected | Ignored | Ignored | Vulnerable | Vulnerable |
CVE-2019-14871
Medium priorityThe REENT_CHECK macro (see newlib/libc/include/sys/reent.h) as used by REENT_CHECK_TM, REENT_CHECK_MISC, REENT_CHECK_MP and other newlib macros in versions prior to 3.3.0, does not check for memory allocation problems when the...
2 affected packages
gcc-snapshot, newlib
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gcc-snapshot | Not affected | Ignored | Ignored | Not affected | Not affected |
newlib | Not affected | Ignored | Ignored | Vulnerable | Vulnerable |