rpm package
suse/libxkbcommon&distro=SUSE Linux Enterprise Software Development Kit 12 SP5
pkg:rpm/suse/libxkbcommon&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
Vulnerabilities (11)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-15864 | Med | 5.5 | < 0.6.1-9.3.1 | 0.6.1-9.3.1 | Aug 25, 2018 | Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because a map access attempt can occur for a map that was nev | |
| CVE-2018-15863 | Med | 5.5 | < 0.6.1-9.3.1 | 0.6.1-9.3.1 | Aug 25, 2018 | Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression. | |
| CVE-2018-15862 | Med | 5.5 | < 0.6.1-9.3.1 | 0.6.1-9.3.1 | Aug 25, 2018 | Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers. | |
| CVE-2018-15861 | Med | 5.5 | < 0.6.1-9.3.1 | 0.6.1-9.3.1 | Aug 25, 2018 | Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file that triggers an xkb_intern_atom failure. | |
| CVE-2018-15859 | Med | 5.5 | < 0.6.1-9.3.1 | 0.6.1-9.3.1 | Aug 25, 2018 | Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandl | |
| CVE-2018-15858 | Med | 5.5 | < 0.6.1-9.3.1 | 0.6.1-9.3.1 | Aug 25, 2018 | Unchecked NULL pointer usage when handling invalid aliases in CopyKeyAliasesToKeymap in xkbcomp/keycodes.c in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file. | |
| CVE-2018-15857 | Hig | 7.8 | < 0.6.1-9.3.1 | 0.6.1-9.3.1 | Aug 25, 2018 | An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon keymap parsers or possibly have unspecified other impact by supplying a crafted keymap file. | |
| CVE-2018-15856 | Med | 5.5 | < 0.6.1-9.3.1 | 0.6.1-9.3.1 | Aug 25, 2018 | An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attackers to cause a denial of service during parsing of crafted keymap files. | |
| CVE-2018-15855 | Med | 5.5 | < 0.6.1-9.3.1 | 0.6.1-9.3.1 | Aug 25, 2018 | Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because the XkbFile for an xkb_geometry section was mishandled. | |
| CVE-2018-15854 | Med | 5.5 | < 0.6.1-9.3.1 | 0.6.1-9.3.1 | Aug 25, 2018 | Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because geometry tokens were desupported incorrectly. | |
| CVE-2018-15853 | Med | 5.5 | < 0.6.1-9.3.1 | 0.6.1-9.3.1 | Aug 25, 2018 | Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon users by supplying a crafted keymap file that triggers boolean negation. |
- affected < 0.6.1-9.3.1fixed 0.6.1-9.3.1
Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because a map access attempt can occur for a map that was nev
- affected < 0.6.1-9.3.1fixed 0.6.1-9.3.1
Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression.
- affected < 0.6.1-9.3.1fixed 0.6.1-9.3.1
Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers.
- affected < 0.6.1-9.3.1fixed 0.6.1-9.3.1
Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file that triggers an xkb_intern_atom failure.
- affected < 0.6.1-9.3.1fixed 0.6.1-9.3.1
Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandl
- affected < 0.6.1-9.3.1fixed 0.6.1-9.3.1
Unchecked NULL pointer usage when handling invalid aliases in CopyKeyAliasesToKeymap in xkbcomp/keycodes.c in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file.
- affected < 0.6.1-9.3.1fixed 0.6.1-9.3.1
An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon keymap parsers or possibly have unspecified other impact by supplying a crafted keymap file.
- affected < 0.6.1-9.3.1fixed 0.6.1-9.3.1
An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attackers to cause a denial of service during parsing of crafted keymap files.
- affected < 0.6.1-9.3.1fixed 0.6.1-9.3.1
Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because the XkbFile for an xkb_geometry section was mishandled.
- affected < 0.6.1-9.3.1fixed 0.6.1-9.3.1
Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because geometry tokens were desupported incorrectly.
- affected < 0.6.1-9.3.1fixed 0.6.1-9.3.1
Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon users by supplying a crafted keymap file that triggers boolean negation.