CVE-2019-14872 (NVD)

2020-03-19

The _dtoa_r function of the newlib libc library, prior to version 3.3.0, performs multiple memory allocations without checking their return value. This could result in NULL pointer dereference.

Products Newlib
Type NULL Pointer Dereference (CWE-476)
First patch - None (likely due to unavailable code)
Links https://census-labs.com/news/2020/01/31/multiple-null-pointer-dereference-vulnerabilities-in-newlib/