Published: 25/08/2018 Updated: 19/03/2019

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Unchecked NULL pointer usage when handling invalid aliases in CopyKeyAliasesToKeymap in xkbcomp/keycodes.c in xkbcommon prior to 0.8.1 could be used by local malicious users to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xkbcommon xkbcommon
xkbcommon libxkbcommon
canonical ubuntu linux 18.04
canonical ubuntu linux 16.04
canonical ubuntu linux 14.04

Debian Bug report logs - #907302 CVE-2018-15864 CVE-2018-15863 CVE-2018-15862 CVE-2018-15861 CVE-2018-15859 CVE-2018-15858 CVE-2018-15857 CVE-2018-15856 CVE-2018-15855 CVE-2018-15854 CVE-2018-15853 Package: src:libxkbcommon; Maintainer for src:libxkbcommon is Debian X Strike Force <debian-x@listsdebianorg>; Reported by: Mor ...

Several security issues were fixed in libxkbcommon ...

CWE-476 https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html https://github.com/xkbcommon/libxkbcommon/commit/badb428e63387140720f22486b3acbd3d738859f https://usn.ubuntu.com/3786-1/https://security.gentoo.org/glsa/201810-05 https://usn.ubuntu.com/3786-2/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907302 https://nvd.nist.gov https://usn.ubuntu.com/3786-2/

CVE-2018-15858

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect