Published: 25/08/2018 Updated: 19/03/2019
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Unchecked NULL pointer usage when handling invalid aliases in CopyKeyAliasesToKeymap in xkbcomp/keycodes.c in xkbcommon prior to 0.8.1 could be used by local malicious users to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file.

Vulnerability Trend

Affected Products

Vendor Product Versions
CanonicalUbuntu Linux14.04, 16.04, 18.04

Vendor Advisories

Several security issues were fixed in libxkbcommon ...
Several security issues were fixed in libxkbcommon ...
Debian Bug report logs - #907302 CVE-2018-15864 CVE-2018-15863 CVE-2018-15862 CVE-2018-15861 CVE-2018-15859 CVE-2018-15858 CVE-2018-15857 CVE-2018-15856 CVE-2018-15855 CVE-2018-15854 CVE-2018-15853 Package: src:libxkbcommon; Maintainer for src:libxkbcommon is Debian X Strike Force <debian-x@listsdebianorg>; Reported by: Mor ...