CVE-2019-14873: 
NixOS vulnerability analysis and mitigation

In the __multadd function of the newlib libc library, prior to version 3.3.0, a vulnerability was discovered where Balloc is used to allocate a big integer without performing any checks to verify if the allocation succeeded or not. This vulnerability is tracked as CVE-2019-14873 and affects all versions of newlib prior to 3.3.0 (CENSUS Labs).

The vulnerability exists in the __multadd function within the newlib/libc/stdlib/mprec.c file. When Balloc is used to allocate a big integer, the code proceeds to use the allocated memory through the Bcopy operation without verifying if the allocation was successful. The Bcopy operation is defined as a memcpy of the sign and word fields, which would trigger a null pointer dereference if the initial allocation failed (CENSUS Labs).

If exploited, this vulnerability will trigger a null pointer dereference bug in case of a memory allocation failure. On embedded systems where the Device Vector Table is mapped at address 0x0, this could potentially lead to leaking interrupt handler addresses, overwriting interrupt handlers, or diverting program execution to installed interrupt handlers (CENSUS Labs).

Users are strongly advised to update to newlib version 3.3.0 or later, which includes patches addressing this vulnerability. Library authors are recommended to always implement checks for NULL return values from memory allocators (CENSUS Labs).