PT-2020-9610 · Newlib · Newlib

Dimitrios Glynos · Published 2020-03-18 · Updated 2020-03-24 · CVE-2019-14871

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

newlib versions prior to 3.3.0

Description

The issue concerns the _REENT_CHECK macro, which is used by various newlib macros such as _REENT_CHECK_TM, _REENT_CHECK_MISC, and _REENT_CHECK_MP. In versions prior to 3.3.0, this macro does not check for memory allocation problems when the DEBUG flag is unset, which is typically the case in production firmware builds.

Recommendations

For versions prior to 3.3.0, update to version 3.3.0 or later to resolve the issue. As a temporary workaround, consider enabling the DEBUG flag in production firmware builds so that the _REENT_CHECK macro checks for memory allocation problems. However, this may have performance implications and should be thoroughly tested before implementation.
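
The pattern in the description, as an added example that is not newlib's own code: a lazily allocated structure initialised without testing the allocation result, beside a form that tests it in every build. The names reent_model, misc_state, model_alloc, simulate_oom, CHECK_UNCHECKED, check_hardened and bump_counter are hypothetical, and the allocation failure is simulated.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for a lazily allocated reentrancy sub-structure. */
struct misc_state { char buf[32]; int counter; };
struct reent_model { struct misc_state *misc; };

/* Constructed hook: when nonzero, the allocator reports exhaustion. */
static int simulate_oom = 0;
static void *model_alloc(size_t n) { return simulate_oom ? NULL : malloc(n); }

/* Unchecked pattern, kept for comparison and never invoked here: with no
 * debug assertion, a failed allocation is passed straight to memset. */
#define CHECK_UNCHECKED(r) do {                       \
    if ((r)->misc == NULL) {                          \
        (r)->misc = model_alloc(sizeof *(r)->misc);   \
        memset((r)->misc, 0, sizeof *(r)->misc);      \
    }                                                 \
} while (0)

/* Checked pattern: the result is tested in every build, debug or not. */
static int check_hardened(struct reent_model *r)
{
    if (r->misc != NULL)
        return 0;
    r->misc = model_alloc(sizeof *r->misc);
    if (r->misc == NULL)
        return -1;
    memset(r->misc, 0, sizeof *r->misc);
    return 0;
}

int bump_counter(struct reent_model *r)
{
    if (check_hardened(r) != 0)
        return -1;               /* out of memory: report, do not dereference */
    return ++r->misc->counter;
}

int main(void)
{
    struct reent_model r = { NULL };
    simulate_oom = 1;
    int failed = bump_counter(&r);   /* -1 */
    simulate_oom = 0;
    int ok = bump_counter(&r);       /* 1 */
    free(r.misc);
    return (failed == -1 && ok == 1) ? 0 : 1;
}
```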

Exploit

Fix

Weakness Enumeration

NULL Pointer Dereference

Related Identifiers

CVE-2019-14871

Affected Products

Newlib