CVE-2018-15857 – libxkbcommon: Invalid free in ExprAppendMultiKeysymList resulting in a crash
https://notcve.org/view.php?id=CVE-2018-15857
An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon keymap parsers or possibly have unspecified other impact by supplying a crafted keymap file.
• https://access.redhat.com/errata/RHSA-2019:2079
• https://github.com/xkbcommon/libxkbcommon/commit/c1e5ac16e77a21f87bdf3bc4dea61b037a17dddb
• https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html
• https://security.gentoo.org/glsa/201810-05
• https://usn.ubuntu.com/3786-1
• https://usn.ubuntu.com/3786-2
• https://access.redhat.com/security/cve/CVE-2018-15857
• https://bugzilla.redhat.com/show_bug.cgi?id=1623022
• CWE-416: Use After Free
CVE-2018-15864 – libxkbcommon: NULL pointer dereference in resolve_keysym resulting in a crash
https://notcve.org/view.php?id=CVE-2018-15864
Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because a map access attempt can occur for a map that was never created.
• https://access.redhat.com/errata/RHSA-2019:2079
• https://github.com/xkbcommon/libxkbcommon/commit/a8ea7a1d3daa7bdcb877615ae0a252c189153bd2
• https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html
• https://security.gentoo.org/glsa/201810-05
• https://usn.ubuntu.com/3786-1
• https://usn.ubuntu.com/3786-2
• https://access.redhat.com/security/cve/CVE-2018-15864
• https://bugzilla.redhat.com/show_bug.cgi?id=1623033
• CWE-476: NULL Pointer Dereference
CVE-2018-15861 – libxkbcommon: NULL pointer dereference in ExprResolveLhs resulting in a crash
https://notcve.org/view.php?id=CVE-2018-15861
Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file that triggers an xkb_intern_atom failure.
• https://access.redhat.com/errata/RHSA-2019:2079
• https://github.com/xkbcommon/libxkbcommon/commit/38e1766bc6e20108948aec8a0b222a4bad0254e9
• https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html
• https://security.gentoo.org/glsa/201810-05
• https://usn.ubuntu.com/3786-1
• https://usn.ubuntu.com/3786-2
• https://access.redhat.com/security/cve/CVE-2018-15861
• https://bugzilla.redhat.com/show_bug.cgi?id=1623028
• CWE-476: NULL Pointer Dereference
CVE-2018-15855 – libxkbcommon: NULL pointer dereference when handling xkb_geometry
https://notcve.org/view.php?id=CVE-2018-15855
Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because the XkbFile for an xkb_geometry section was mishandled.
• https://access.redhat.com/errata/RHSA-2019:2079
• https://github.com/xkbcommon/libxkbcommon/commit/917636b1d0d70205a13f89062b95e3a0fc31d4ff
• https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html
• https://security.gentoo.org/glsa/201810-05
• https://usn.ubuntu.com/3786-1
• https://usn.ubuntu.com/3786-2
• https://access.redhat.com/security/cve/CVE-2018-15855
• https://bugzilla.redhat.com/show_bug.cgi?id=1623013
• CWE-476: NULL Pointer Dereference
CVE-2018-15863 – libxkbcommon: NULL pointer dereference in ResolveStateAndPredicate resulting in a crash
https://notcve.org/view.php?id=CVE-2018-15863
Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression.
• https://access.redhat.com/errata/RHSA-2019:2079
• https://github.com/xkbcommon/libxkbcommon/commit/96df3106d49438e442510c59acad306e94f3db4d
• https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html
• https://security.gentoo.org/glsa/201810-05
• https://usn.ubuntu.com/3786-1
• https://usn.ubuntu.com/3786-2
• https://access.redhat.com/security/cve/CVE-2018-15863
• https://bugzilla.redhat.com/show_bug.cgi?id=1623030
• CWE-476: NULL Pointer Dereference