Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-15859

Опубликовано: 25 авг. 2018
Источник: debian
EPSS Низкий

Описание

Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandled.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libxkbcommonfixed0.8.2-1package
libxkbcommonignoredstretchpackage
libxkbcommonno-dsajessiepackage
x11-xkb-utilsunfixedpackage

Примечания

  • https://github.com/xkbcommon/libxkbcommon/commit/bb4909d2d8fa6b08155e449986a478101e2b2634

  • https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html

  • https://www.openwall.com/lists/oss-security/2025/12/03/1

  • https://gitlab.freedesktop.org/xorg/app/xkbcomp/-/commit/895e080b237e346a43a31edf9dee6143c2abf230

  • For x11-xkb-utils/xkbcomp negligible security impact, crash in CLI tool

EPSS

Процентиль: 10%
0.00035
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2018-15859

CVSS3: 5.5
ubuntu
больше 7 лет назад

Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandled.

redhat логотип

CVE-2018-15859

CVSS3: 3.3
redhat
больше 8 лет назад

Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandled.

nvd логотип

CVE-2018-15859

CVSS3: 5.5
nvd
больше 7 лет назад

Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandled.

github логотип

GHSA-2vjp-mp6g-39vx

CVSS3: 5.5
github
больше 3 лет назад

Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandled.

suse-cvrf логотип

openSUSE-SU-2026:20123-1

suse-cvrf
10 дней назад

Security update for xkbcomp

EPSS

Процентиль: 10%
0.00035
Низкий