147 matches found
CVE-2019-14875
In the multiply function of the newlib libc library, all versions prior to 3.3.0 see newlib/libc/stdlib/mprec.c, Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access of x0 will trigger a null pointer dereference bug in ca...
CVE-2019-14874
In the i2b function of the newlib libc library, all versions prior to 3.3.0 see newlib/libc/stdlib/mprec.c, Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access of x0 will trigger a null pointer dereference bug in case of...
CVE-2019-14876
In the lshift function of the newlib libc library, all versions prior to 3.3.0 see newlib/libc/stdlib/mprec.c, Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access to b1 will trigger a null pointer dereference bug in case...
CVE-2019-14873
In the multadd function of the newlib libc library, prior to versions 3.3.0 see newlib/libc/stdlib/mprec.c, Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. This will trigger a null pointer dereference bug in case of a memory...
CVE-2019-14871
The REENTCHECK macro see newlib/libc/include/sys/reent.h as used by REENTCHECKTM, REENTCHECKMISC, REENTCHECKMP and other newlib macros in versions prior to 3.3.0, does not check for memory allocation problems when the DEBUG flag is unset as is the case in production firmware builds...
Linux Distros Unpatched Vulnerability : CVE-2021-3420
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in newlib in versions prior to 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nanomemalign,...
Linux Distros Unpatched Vulnerability : CVE-2024-30949
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function. CVE-2024-30949 Note that Nessus...
SUSE CVE-2024-30949
An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function...
CVE-2024-30949
An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function...
CVE-2024-30949
An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function...
DEBIAN-CVE-2024-30949
An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function...
CVE-2024-30949
An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function...
UBUNTU-CVE-2024-30949
An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function...
CVE-2024-30949
An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function...
CVE-2024-30949
An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function...
Newlib 安全漏洞
Newlib is a C language library from the Sourceware organization primarily for embedded systems. A security vulnerability exists in Newlib version 4.3.0, which stems from an arbitrary code execution vulnerability in the gettimeofday method...
CVE-2024-30949
CVE-2024-30949 concerns an issue in the GNU C library replacement newlib version 4.3.0 where the time unit scaling in the function _gettimeofday may allow an attacker to execute arbitrary code. The connected sources consistently describe the vulnerability and its impact as arbitrary code executio...
CVE-2024-30949
An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function...
PT-2024-23685 · Newlib +1 · Newlib +1
Name of the Vulnerable Software and Affected Versions: newlib version 4.3.0 Description: An issue in the gettimeofday function allows an attacker to execute arbitrary code via the time unit scaling. Recommendations: For newlib version 4.3.0, at the moment, there is no information about a newer...
OPENSUSE-SU-2024:11086-1 newlib-4.1.0-2.2 on GA media
These are all security issues fixed in the newlib-4.1.0-2.2 package on the GA media of openSUSE Tumbleweed...