CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-15864 – libxkbcommon: NULL pointer dereference in resolve_keysym resulting in a crash
https://notcve.org/view.php?id=CVE-2018-15864
Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because a map access attempt can occur for a map that was never created. El uso de un puntero NULL no verificado en resolve_keysym en xkbcomp/parser.y en xkbcommon, en versiones anteriores a la 0.8.2, podría ser aprovechado por atacantes locales para provocar el cierre inesperado (desreferencia de puntero NULL) del analizador xkbcommon proporcionando un archivo keymap manipulado, debido a que puede ocurrir un intento de acceso al mapa para un mapa que nunca ha sido creado. • https://access.redhat.com/errata/RHSA-2019:2079 https://github.com/xkbcommon/libxkbcommon/commit/a8ea7a1d3daa7bdcb877615ae0a252c189153bd2 https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html https://security.gentoo.org/glsa/201810-05 https://usn.ubuntu.com/3786-1 https://usn.ubuntu.com/3786-2 https://access.redhat.com/security/cve/CVE-2018-15864 https://bugzilla.redhat.com/show_bug.cgi?id=1623033 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-15861 – libxkbcommon: NULL pointer dereference in ExprResolveLhs resulting in a crash
https://notcve.org/view.php?id=CVE-2018-15861
Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file that triggers an xkb_intern_atom failure. El uso de un puntero NULL no verificado en ExprResolveLhs en xkbcommon en versiones anteriores a la 0.8.2 podría ser aprovechado por atacantes locales para provocar el cierre inesperado (desreferencia de puntero NULL) del analizador xkbcommon proporcionando un archivo keymap manipulado que desencadena un error xkb_intern_atom. • https://access.redhat.com/errata/RHSA-2019:2079 https://github.com/xkbcommon/libxkbcommon/commit/38e1766bc6e20108948aec8a0b222a4bad0254e9 https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html https://security.gentoo.org/glsa/201810-05 https://usn.ubuntu.com/3786-1 https://usn.ubuntu.com/3786-2 https://access.redhat.com/security/cve/CVE-2018-15861 https://bugzilla.redhat.com/show_bug.cgi?id=1623028 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-15863 – libxkbcommon: NULL pointer dereference in ResolveStateAndPredicate resulting in a crash
https://notcve.org/view.php?id=CVE-2018-15863
Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression. El uso de un puntero NULL no verificado en ResolveStateAndPredicate en xkbcomp/compat.c en xkbcommon, en versiones anteriores a la 0.8.2, podría ser aprovechado por atacantes locales para provocar el cierre inesperado (desreferencia de puntero NULL) del analizador xkbcommon proporcionando un archivo keymap manipulado con una expresión modmask no-op. • https://access.redhat.com/errata/RHSA-2019:2079 https://github.com/xkbcommon/libxkbcommon/commit/96df3106d49438e442510c59acad306e94f3db4d https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html https://security.gentoo.org/glsa/201810-05 https://usn.ubuntu.com/3786-1 https://usn.ubuntu.com/3786-2 https://access.redhat.com/security/cve/CVE-2018-15863 https://bugzilla.redhat.com/show_bug.cgi?id=1623030 • CWE-476: NULL Pointer Dereference •