Описание
Security update for xkbcomp
This update for xkbcomp fixes the following issues:
- CVE-2018-15863, CVE-2018-15861, CVE-2018-15859, CVE-2018-15853: Fixed multiple memory handling and correctness issues (bsc#1105832)
Список пакетов
openSUSE Leap 16.0
Ссылки
- SUSE Security Ratings
- SUSE Bug 1105832
- SUSE CVE CVE-2018-15853 page
- SUSE CVE CVE-2018-15859 page
- SUSE CVE CVE-2018-15861 page
- SUSE CVE CVE-2018-15863 page
Описание
Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon users by supplying a crafted keymap file that triggers boolean negation.
Затронутые продукты
Ссылки
- CVE-2018-15853
- SUSE Bug 1105832
Описание
Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandled.
Затронутые продукты
Ссылки
- CVE-2018-15859
- SUSE Bug 1105832
Описание
Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file that triggers an xkb_intern_atom failure.
Затронутые продукты
Ссылки
- CVE-2018-15861
- SUSE Bug 1105832
Описание
Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression.
Затронутые продукты
Ссылки
- CVE-2018-15863
- SUSE Bug 1105832