VYPR

rpm package

suse/libxkbcommon&distro=SUSE Linux Enterprise Module for Basesystem 15

pkg:rpm/suse/libxkbcommon&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015

Vulnerabilities (11)

  • CVE-2018-15864MedAug 25, 2018
    affected < 0.8.2-3.3.1fixed 0.8.2-3.3.1

    Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because a map access attempt can occur for a map that was nev

  • CVE-2018-15863MedAug 25, 2018
    affected < 0.8.2-3.3.1fixed 0.8.2-3.3.1

    Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression.

  • CVE-2018-15862MedAug 25, 2018
    affected < 0.8.2-3.3.1fixed 0.8.2-3.3.1

    Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers.

  • CVE-2018-15861MedAug 25, 2018
    affected < 0.8.2-3.3.1fixed 0.8.2-3.3.1

    Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file that triggers an xkb_intern_atom failure.

  • CVE-2018-15859MedAug 25, 2018
    affected < 0.8.2-3.3.1fixed 0.8.2-3.3.1

    Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandl

  • CVE-2018-15858MedAug 25, 2018
    affected < 0.8.2-3.3.1fixed 0.8.2-3.3.1

    Unchecked NULL pointer usage when handling invalid aliases in CopyKeyAliasesToKeymap in xkbcomp/keycodes.c in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file.

  • CVE-2018-15857HigAug 25, 2018
    affected < 0.8.2-3.3.1fixed 0.8.2-3.3.1

    An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon keymap parsers or possibly have unspecified other impact by supplying a crafted keymap file.

  • CVE-2018-15856MedAug 25, 2018
    affected < 0.8.2-3.3.1fixed 0.8.2-3.3.1

    An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attackers to cause a denial of service during parsing of crafted keymap files.

  • CVE-2018-15855MedAug 25, 2018
    affected < 0.8.2-3.3.1fixed 0.8.2-3.3.1

    Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because the XkbFile for an xkb_geometry section was mishandled.

  • CVE-2018-15854MedAug 25, 2018
    affected < 0.8.2-3.3.1fixed 0.8.2-3.3.1

    Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because geometry tokens were desupported incorrectly.

  • CVE-2018-15853MedAug 25, 2018
    affected < 0.8.2-3.3.1fixed 0.8.2-3.3.1

    Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon users by supplying a crafted keymap file that triggers boolean negation.