CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-15853 – libxkbcommon: Endless recursion in xkbcomp/expr.c resulting in a crash
https://notcve.org/view.php?id=CVE-2018-15853
Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon users by supplying a crafted keymap file that triggers boolean negation. Existe recursión infinita en xkbcomp/expr.c en xkbcommon y libxkbcommon en versiones anteriores a la 0.8.1, lo que podría ser empleado por atacantes locales para provocar el cierre inesperado de usuarios xkbcommon proporcionando un archivo keymap manipulado que desencadena la negación booleana. An uncontrolled recursion flaw was found in libxkbcommon in the way it parses boolean expressions. A specially crafted file provided to xkbcomp could crash the application. • https://access.redhat.com/errata/RHSA-2019:2079 https://github.com/xkbcommon/libxkbcommon/commit/1f9d1248c07cda8aaff762429c0dce146de8632a https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html https://security.gentoo.org/glsa/201810-05 https://usn.ubuntu.com/3786-1 https://usn.ubuntu.com/3786-2 https://access.redhat.com/security/cve/CVE-2018-15853 https://bugzilla.redhat.com/show_bug.cgi?id=1623009 • CWE-400: Uncontrolled Resource Consumption CWE-674: Uncontrolled Recursion •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-15859 – libxkbcommon: NULL pointer dereference when parsing invalid atoms in ExprResolveLhs resulting in a crash
https://notcve.org/view.php?id=CVE-2018-15859
Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandled. El uso de un puntero NULL no verificado al analizar átomos no válidos en ExprResolveLhs en xkbcomp/expr.c en xkbcommon, en versiones anteriores a la 0.8.2, podría ser aprovechado por atacantes locales para provocar el cierre inesperado (desreferencia de puntero NULL) del analizador xkbcommon proporcionando un archivo keymap manipulado, debido a que se gestionan incorrectamente los errores de búsqueda. • https://access.redhat.com/errata/RHSA-2019:2079 https://github.com/xkbcommon/libxkbcommon/commit/bb4909d2d8fa6b08155e449986a478101e2b2634 https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html https://security.gentoo.org/glsa/201810-05 https://usn.ubuntu.com/3786-1 https://usn.ubuntu.com/3786-2 https://access.redhat.com/security/cve/CVE-2018-15859 https://bugzilla.redhat.com/show_bug.cgi?id=1623026 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-15862 – libxkbcommon: NULL pointer dereference in LookupModMask resulting in a crash
https://notcve.org/view.php?id=CVE-2018-15862
Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers. El uso de un puntero NULL no verificado en LookupModMask en xkbcomp/expr.c en xkbcommon, en versiones anteriores a la 0.8.2, podría ser aprovechado por atacantes locales para provocar el cierre inesperado (desreferencia de puntero NULL) del analizador xkbcommon proporcionando un archivo keymap manipulado con modificadores virtuales inválidos. • https://access.redhat.com/errata/RHSA-2019:2079 https://github.com/xkbcommon/libxkbcommon/commit/4e2ee9c3f6050d773f8bbe05bc0edb17f1ff8371 https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html https://security.gentoo.org/glsa/201810-05 https://usn.ubuntu.com/3786-1 https://usn.ubuntu.com/3786-2 https://access.redhat.com/security/cve/CVE-2018-15862 https://bugzilla.redhat.com/show_bug.cgi?id=1623029 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-15854 – libxkbcommon: NULL pointer dereference resulting in a crash
https://notcve.org/view.php?id=CVE-2018-15854
Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because geometry tokens were desupported incorrectly. El uso de un puntero NULL no verificado en xkbcommon en versiones anteriores a la 0.8.1 podría ser aprovechado por atacantes locales para provocar el cierre inesperado (desreferencia de puntero NULL) del analizador xkbcommon proporcionando un archivo keymap manipulado, debido a que los tokens de geometría dejaron de ser soportados incorrectamente. • https://access.redhat.com/errata/RHSA-2019:2079 https://github.com/xkbcommon/libxkbcommon/commit/e3cacae7b1bfda0d839c280494f23284a1187adf https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html https://security.gentoo.org/glsa/201810-05 https://usn.ubuntu.com/3786-1 https://usn.ubuntu.com/3786-2 https://access.redhat.com/security/cve/CVE-2018-15854 https://bugzilla.redhat.com/show_bug.cgi?id=1623012 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-15856 – libxkbcommon: Infinite loop when reaching EOL unexpectedly resulting in a crash
https://notcve.org/view.php?id=CVE-2018-15856
An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attackers to cause a denial of service during parsing of crafted keymap files. Un bucle infinito al alcanzar EOL inesperadamente en compose/parser.c (también conocido como analizador keymap) en xkbcommon, en versiones anteriores a la 0.8.1, podría ser empleado por atacantes locales para provocar una denegación de servicio (DoS) durante el análisis de archivos keymap manipulados. • https://access.redhat.com/errata/RHSA-2019:2079 https://github.com/xkbcommon/libxkbcommon/commit/842e4351c2c97de6051cab6ce36b4a81e709a0e1 https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html https://security.gentoo.org/glsa/201810-05 https://usn.ubuntu.com/3786-1 https://usn.ubuntu.com/3786-2 https://access.redhat.com/security/cve/CVE-2018-15856 https://bugzilla.redhat.com/show_bug.cgi?id=1623018 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •