CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-15864 – libxkbcommon: NULL pointer dereference in resolve_keysym resulting in a crash
https://notcve.org/view.php?id=CVE-2018-15864
Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because a map access attempt can occur for a map that was never created. El uso de un puntero NULL no verificado en resolve_keysym en xkbcomp/parser.y en xkbcommon, en versiones anteriores a la 0.8.2, podría ser aprovechado por atacantes locales para provocar el cierre inesperado (desreferencia de puntero NULL) del analizador xkbcommon proporcionando un archivo keymap manipulado, debido a que puede ocurrir un intento de acceso al mapa para un mapa que nunca ha sido creado. • https://access.redhat.com/errata/RHSA-2019:2079 https://github.com/xkbcommon/libxkbcommon/commit/a8ea7a1d3daa7bdcb877615ae0a252c189153bd2 https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html https://security.gentoo.org/glsa/201810-05 https://usn.ubuntu.com/3786-1 https://usn.ubuntu.com/3786-2 https://access.redhat.com/security/cve/CVE-2018-15864 https://bugzilla.redhat.com/show_bug.cgi?id=1623033 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-15861 – libxkbcommon: NULL pointer dereference in ExprResolveLhs resulting in a crash
https://notcve.org/view.php?id=CVE-2018-15861
Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file that triggers an xkb_intern_atom failure. El uso de un puntero NULL no verificado en ExprResolveLhs en xkbcommon en versiones anteriores a la 0.8.2 podría ser aprovechado por atacantes locales para provocar el cierre inesperado (desreferencia de puntero NULL) del analizador xkbcommon proporcionando un archivo keymap manipulado que desencadena un error xkb_intern_atom. • https://access.redhat.com/errata/RHSA-2019:2079 https://github.com/xkbcommon/libxkbcommon/commit/38e1766bc6e20108948aec8a0b222a4bad0254e9 https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html https://security.gentoo.org/glsa/201810-05 https://usn.ubuntu.com/3786-1 https://usn.ubuntu.com/3786-2 https://access.redhat.com/security/cve/CVE-2018-15861 https://bugzilla.redhat.com/show_bug.cgi?id=1623028 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-15855 – libxkbcommon: NULL pointer dereference when handling xkb_geometry
https://notcve.org/view.php?id=CVE-2018-15855
Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because the XkbFile for an xkb_geometry section was mishandled. El uso de un puntero NULL no verificado en xkbcommon en versiones anteriores a la 0.8.1 podría ser aprovechado por atacantes locales para provocar el cierre inesperado (desreferencia de puntero NULL) del analizador xkbcommon proporcionando un archivo keymap manipulado, debido a que se gestionó incorrectamente el XkbFile para una sección xkb_geometry. • https://access.redhat.com/errata/RHSA-2019:2079 https://github.com/xkbcommon/libxkbcommon/commit/917636b1d0d70205a13f89062b95e3a0fc31d4ff https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html https://security.gentoo.org/glsa/201810-05 https://usn.ubuntu.com/3786-1 https://usn.ubuntu.com/3786-2 https://access.redhat.com/security/cve/CVE-2018-15855 https://bugzilla.redhat.com/show_bug.cgi?id=1623013 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-15863 – libxkbcommon: NULL pointer dereference in ResolveStateAndPredicate resulting in a crash
https://notcve.org/view.php?id=CVE-2018-15863
Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression. El uso de un puntero NULL no verificado en ResolveStateAndPredicate en xkbcomp/compat.c en xkbcommon, en versiones anteriores a la 0.8.2, podría ser aprovechado por atacantes locales para provocar el cierre inesperado (desreferencia de puntero NULL) del analizador xkbcommon proporcionando un archivo keymap manipulado con una expresión modmask no-op. • https://access.redhat.com/errata/RHSA-2019:2079 https://github.com/xkbcommon/libxkbcommon/commit/96df3106d49438e442510c59acad306e94f3db4d https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html https://security.gentoo.org/glsa/201810-05 https://usn.ubuntu.com/3786-1 https://usn.ubuntu.com/3786-2 https://access.redhat.com/security/cve/CVE-2018-15863 https://bugzilla.redhat.com/show_bug.cgi?id=1623030 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2018-10902 – Linux Kernel MIDI Race Condition Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-10902
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation. Se ha detectado que el controlador del kernel midi raw no protege contra el acceso concurrente, lo que conduce a un doble realloc (doble liberación) en snd_rawmidi_input_params() y snd_rawmidi_output_status(), que son parte del manipulador snd_rawmidi_ioctl() en el archivo rawmidi.c. Un atacante local malicioso podría utilizarlo para escalar privilegios. This vulnerability allows local attackers to escalate privileges on vulnerable installations of Linux Kernel. • http://www.securityfocus.com/bid/105119 http://www.securitytracker.com/id/1041529 https://access.redhat.com/errata/RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3096 https://access.redhat.com/errata/RHSA-2019:0415 https://access.redhat.com/errata/RHSA-2019:0641 https://access.redhat.com/errata/RHSA-2019:3217 https://access.redhat.com/errata/RHSA-2019:3967 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10902 https://git.kernel.org/pub/scm/linux/k • CWE-415: Double Free CWE-416: Use After Free •