{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "4.0.0" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "32" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "33" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "34" } ] } ] } } ], "details": "A flaw was found in newlib in versions prior to 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nano_memalign, nano_valloc, nano_pvalloc could case an integer overflow, leading to an allocation of a small buffer and then to a heap-based buffer overflow.", "id": "CVE-2021-3420", "modified": "2026-03-13T21:52:01.765642510Z", "published": "2021-03-05T21:15:13.437Z", "references": [ { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEBF6YHWFNCBW5A2ENSQ3Z56ELF4MTRE/" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AMK54N6UOPBFFX2YT32TWSAEFTHGSKAA/" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSQZEUANAWBBAOC4TF5PTPJVLMUR7SFD/" }, { "type": "FIX", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934088" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }