Search CVE reports


Toggle filters

1 – 10 of 11 results


CVE-2024-30949

Medium priority
Needs evaluation

An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the _gettimeofday function.

1 affected package

newlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
newlib Not affected Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-3420

Medium priority
Vulnerable

A flaw was found in newlib in versions prior to 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nano_memalign, nano_valloc, nano_pvalloc could case an integer overflow, leading to an...

2 affected packages

gcc-snapshot, newlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gcc-snapshot Not affected Ignored Ignored Not affected Not affected
newlib Vulnerable Ignored Ignored Vulnerable Vulnerable
Show less packages

CVE-2019-14878

Medium priority
Vulnerable

In the __d2b function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not....

2 affected packages

gcc-snapshot, newlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gcc-snapshot Not affected Ignored Ignored Not affected Not affected
newlib Not affected Ignored Ignored Vulnerable Vulnerable
Show less packages

CVE-2019-14877

Medium priority
Vulnerable

In the __mdiff function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate big integers, however no check is performed to verify if the allocation succeeded or not....

2 affected packages

gcc-snapshot, newlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gcc-snapshot Not affected Ignored Ignored Not affected Not affected
newlib Not affected Ignored Ignored Vulnerable Vulnerable
Show less packages

CVE-2019-14876

Medium priority
Vulnerable

In the __lshift function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or...

2 affected packages

gcc-snapshot, newlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gcc-snapshot Not affected Ignored Ignored Not affected Not affected
newlib Not affected Ignored Ignored Vulnerable Vulnerable
Show less packages

CVE-2019-14875

Medium priority
Vulnerable

In the __multiply function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or...

2 affected packages

gcc-snapshot, newlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gcc-snapshot Not affected Ignored Ignored Not affected Not affected
newlib Not affected Ignored Ignored Vulnerable Vulnerable
Show less packages

CVE-2019-14874

Medium priority
Vulnerable

In the __i2b function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not....

2 affected packages

gcc-snapshot, newlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gcc-snapshot Not affected Ignored Ignored Not affected Not affected
newlib Not affected Ignored Ignored Vulnerable Vulnerable
Show less packages

CVE-2019-14873

Medium priority
Vulnerable

In the __multadd function of the newlib libc library, prior to versions 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not....

2 affected packages

gcc-snapshot, newlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gcc-snapshot Not affected Ignored Ignored Not affected Not affected
newlib Not affected Ignored Ignored Vulnerable Vulnerable
Show less packages

CVE-2019-14872

Medium priority
Vulnerable

The _dtoa_r function of the newlib libc library, prior to version 3.3.0, performs multiple memory allocations without checking their return value. This could result in NULL pointer dereference.

2 affected packages

gcc-snapshot, newlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gcc-snapshot Not affected Ignored Ignored Not affected Not affected
newlib Not affected Ignored Ignored Vulnerable Vulnerable
Show less packages

CVE-2019-14871

Medium priority
Vulnerable

The REENT_CHECK macro (see newlib/libc/include/sys/reent.h) as used by REENT_CHECK_TM, REENT_CHECK_MISC, REENT_CHECK_MP and other newlib macros in versions prior to 3.3.0, does not check for memory allocation problems when the...

2 affected packages

gcc-snapshot, newlib

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gcc-snapshot Not affected Ignored Ignored Not affected Not affected
newlib Not affected Ignored Ignored Vulnerable Vulnerable
Show less packages