Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
18 vulnerabilities found for xkbcommon by xkbcommon
CVE-2018-15864 (GCVE-0-2018-15864)
Vulnerability from nvd – Published: 2018-08-25 21:00 – Updated: 2024-08-05 10:10
VLAI?
Summary
Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because a map access attempt can occur for a map that was never created.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2018-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:04.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/a8ea7a1d3daa7bdcb877615ae0a252c189153bd2"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because a map access attempt can occur for a map that was never created."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-06T16:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/a8ea7a1d3daa7bdcb877615ae0a252c189153bd2"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15864",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because a map access attempt can occur for a map that was never created."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201810-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html",
"refsource": "MISC",
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "https://github.com/xkbcommon/libxkbcommon/commit/a8ea7a1d3daa7bdcb877615ae0a252c189153bd2",
"refsource": "MISC",
"url": "https://github.com/xkbcommon/libxkbcommon/commit/a8ea7a1d3daa7bdcb877615ae0a252c189153bd2"
},
{
"name": "USN-3786-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15864",
"datePublished": "2018-08-25T21:00:00.000Z",
"dateReserved": "2018-08-24T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:10:04.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15863 (GCVE-0-2018-15863)
Vulnerability from nvd – Published: 2018-08-25 21:00 – Updated: 2024-08-05 10:10
VLAI?
Summary
Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2018-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:04.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/96df3106d49438e442510c59acad306e94f3db4d"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-06T16:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/96df3106d49438e442510c59acad306e94f3db4d"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15863",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201810-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html",
"refsource": "MISC",
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "https://github.com/xkbcommon/libxkbcommon/commit/96df3106d49438e442510c59acad306e94f3db4d",
"refsource": "MISC",
"url": "https://github.com/xkbcommon/libxkbcommon/commit/96df3106d49438e442510c59acad306e94f3db4d"
},
{
"name": "USN-3786-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15863",
"datePublished": "2018-08-25T21:00:00.000Z",
"dateReserved": "2018-08-24T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:10:04.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15862 (GCVE-0-2018-15862)
Vulnerability from nvd – Published: 2018-08-25 21:00 – Updated: 2024-08-05 10:10
VLAI?
Summary
Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2018-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:04.954Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/4e2ee9c3f6050d773f8bbe05bc0edb17f1ff8371"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-06T16:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/4e2ee9c3f6050d773f8bbe05bc0edb17f1ff8371"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15862",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201810-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html",
"refsource": "MISC",
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "USN-3786-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "https://github.com/xkbcommon/libxkbcommon/commit/4e2ee9c3f6050d773f8bbe05bc0edb17f1ff8371",
"refsource": "MISC",
"url": "https://github.com/xkbcommon/libxkbcommon/commit/4e2ee9c3f6050d773f8bbe05bc0edb17f1ff8371"
},
{
"name": "USN-3786-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15862",
"datePublished": "2018-08-25T21:00:00.000Z",
"dateReserved": "2018-08-24T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:10:04.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15861 (GCVE-0-2018-15861)
Vulnerability from nvd – Published: 2018-08-25 21:00 – Updated: 2024-08-05 10:10
VLAI?
Summary
Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file that triggers an xkb_intern_atom failure.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2018-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:04.497Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/38e1766bc6e20108948aec8a0b222a4bad0254e9"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file that triggers an xkb_intern_atom failure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-06T16:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/38e1766bc6e20108948aec8a0b222a4bad0254e9"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15861",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file that triggers an xkb_intern_atom failure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201810-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html",
"refsource": "MISC",
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "USN-3786-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "https://github.com/xkbcommon/libxkbcommon/commit/38e1766bc6e20108948aec8a0b222a4bad0254e9",
"refsource": "MISC",
"url": "https://github.com/xkbcommon/libxkbcommon/commit/38e1766bc6e20108948aec8a0b222a4bad0254e9"
},
{
"name": "USN-3786-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15861",
"datePublished": "2018-08-25T21:00:00.000Z",
"dateReserved": "2018-08-24T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:10:04.497Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15859 (GCVE-0-2018-15859)
Vulnerability from nvd – Published: 2018-08-25 21:00 – Updated: 2024-08-05 10:10
VLAI?
Summary
Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandled.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2018-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:05.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/bb4909d2d8fa6b08155e449986a478101e2b2634"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandled."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-06T16:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/bb4909d2d8fa6b08155e449986a478101e2b2634"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15859",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201810-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html",
"refsource": "MISC",
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "USN-3786-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "https://github.com/xkbcommon/libxkbcommon/commit/bb4909d2d8fa6b08155e449986a478101e2b2634",
"refsource": "MISC",
"url": "https://github.com/xkbcommon/libxkbcommon/commit/bb4909d2d8fa6b08155e449986a478101e2b2634"
},
{
"name": "USN-3786-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15859",
"datePublished": "2018-08-25T21:00:00.000Z",
"dateReserved": "2018-08-24T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:10:05.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15858 (GCVE-0-2018-15858)
Vulnerability from nvd – Published: 2018-08-25 21:00 – Updated: 2024-08-05 10:10
VLAI?
Summary
Unchecked NULL pointer usage when handling invalid aliases in CopyKeyAliasesToKeymap in xkbcomp/keycodes.c in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Date Public ?
2018-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:05.434Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/badb428e63387140720f22486b3acbd3d738859f"
},
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unchecked NULL pointer usage when handling invalid aliases in CopyKeyAliasesToKeymap in xkbcomp/keycodes.c in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-07T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/badb428e63387140720f22486b3acbd3d738859f"
},
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15858",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unchecked NULL pointer usage when handling invalid aliases in CopyKeyAliasesToKeymap in xkbcomp/keycodes.c in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/xkbcommon/libxkbcommon/commit/badb428e63387140720f22486b3acbd3d738859f",
"refsource": "MISC",
"url": "https://github.com/xkbcommon/libxkbcommon/commit/badb428e63387140720f22486b3acbd3d738859f"
},
{
"name": "GLSA-201810-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "USN-3786-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html",
"refsource": "MISC",
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15858",
"datePublished": "2018-08-25T21:00:00.000Z",
"dateReserved": "2018-08-24T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:10:05.434Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15857 (GCVE-0-2018-15857)
Vulnerability from nvd – Published: 2018-08-25 21:00 – Updated: 2024-08-05 10:10
VLAI?
Summary
An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon keymap parsers or possibly have unspecified other impact by supplying a crafted keymap file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2018-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:04.755Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/c1e5ac16e77a21f87bdf3bc4dea61b037a17dddb"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon keymap parsers or possibly have unspecified other impact by supplying a crafted keymap file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-06T16:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/c1e5ac16e77a21f87bdf3bc4dea61b037a17dddb"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15857",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon keymap parsers or possibly have unspecified other impact by supplying a crafted keymap file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201810-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "USN-3786-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "https://github.com/xkbcommon/libxkbcommon/commit/c1e5ac16e77a21f87bdf3bc4dea61b037a17dddb",
"refsource": "MISC",
"url": "https://github.com/xkbcommon/libxkbcommon/commit/c1e5ac16e77a21f87bdf3bc4dea61b037a17dddb"
},
{
"name": "USN-3786-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html",
"refsource": "MISC",
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
},
{
"name": "RHSA-2019:2079",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15857",
"datePublished": "2018-08-25T21:00:00.000Z",
"dateReserved": "2018-08-24T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:10:04.755Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15856 (GCVE-0-2018-15856)
Vulnerability from nvd – Published: 2018-08-25 21:00 – Updated: 2024-08-05 10:10
VLAI?
Summary
An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attackers to cause a denial of service during parsing of crafted keymap files.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2018-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:04.568Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/842e4351c2c97de6051cab6ce36b4a81e709a0e1"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attackers to cause a denial of service during parsing of crafted keymap files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-06T16:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/842e4351c2c97de6051cab6ce36b4a81e709a0e1"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15856",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attackers to cause a denial of service during parsing of crafted keymap files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201810-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "https://github.com/xkbcommon/libxkbcommon/commit/842e4351c2c97de6051cab6ce36b4a81e709a0e1",
"refsource": "MISC",
"url": "https://github.com/xkbcommon/libxkbcommon/commit/842e4351c2c97de6051cab6ce36b4a81e709a0e1"
},
{
"name": "USN-3786-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html",
"refsource": "MISC",
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
},
{
"name": "RHSA-2019:2079",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15856",
"datePublished": "2018-08-25T21:00:00.000Z",
"dateReserved": "2018-08-24T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:10:04.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15853 (GCVE-0-2018-15853)
Vulnerability from nvd – Published: 2018-08-25 21:00 – Updated: 2024-08-05 10:10
VLAI?
Summary
Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon users by supplying a crafted keymap file that triggers boolean negation.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2018-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:04.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/1f9d1248c07cda8aaff762429c0dce146de8632a"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon users by supplying a crafted keymap file that triggers boolean negation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-06T16:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/1f9d1248c07cda8aaff762429c0dce146de8632a"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15853",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon users by supplying a crafted keymap file that triggers boolean negation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201810-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "USN-3786-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html",
"refsource": "MISC",
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
},
{
"name": "https://github.com/xkbcommon/libxkbcommon/commit/1f9d1248c07cda8aaff762429c0dce146de8632a",
"refsource": "MISC",
"url": "https://github.com/xkbcommon/libxkbcommon/commit/1f9d1248c07cda8aaff762429c0dce146de8632a"
},
{
"name": "RHSA-2019:2079",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15853",
"datePublished": "2018-08-25T21:00:00.000Z",
"dateReserved": "2018-08-24T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:10:04.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15862 (GCVE-0-2018-15862)
Vulnerability from cvelistv5 – Published: 2018-08-25 21:00 – Updated: 2024-08-05 10:10
VLAI?
Summary
Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2018-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:04.954Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/4e2ee9c3f6050d773f8bbe05bc0edb17f1ff8371"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-06T16:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/4e2ee9c3f6050d773f8bbe05bc0edb17f1ff8371"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15862",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201810-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html",
"refsource": "MISC",
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "USN-3786-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "https://github.com/xkbcommon/libxkbcommon/commit/4e2ee9c3f6050d773f8bbe05bc0edb17f1ff8371",
"refsource": "MISC",
"url": "https://github.com/xkbcommon/libxkbcommon/commit/4e2ee9c3f6050d773f8bbe05bc0edb17f1ff8371"
},
{
"name": "USN-3786-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15862",
"datePublished": "2018-08-25T21:00:00.000Z",
"dateReserved": "2018-08-24T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:10:04.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15863 (GCVE-0-2018-15863)
Vulnerability from cvelistv5 – Published: 2018-08-25 21:00 – Updated: 2024-08-05 10:10
VLAI?
Summary
Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2018-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:04.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/96df3106d49438e442510c59acad306e94f3db4d"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-06T16:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/96df3106d49438e442510c59acad306e94f3db4d"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15863",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201810-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html",
"refsource": "MISC",
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "https://github.com/xkbcommon/libxkbcommon/commit/96df3106d49438e442510c59acad306e94f3db4d",
"refsource": "MISC",
"url": "https://github.com/xkbcommon/libxkbcommon/commit/96df3106d49438e442510c59acad306e94f3db4d"
},
{
"name": "USN-3786-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15863",
"datePublished": "2018-08-25T21:00:00.000Z",
"dateReserved": "2018-08-24T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:10:04.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15856 (GCVE-0-2018-15856)
Vulnerability from cvelistv5 – Published: 2018-08-25 21:00 – Updated: 2024-08-05 10:10
VLAI?
Summary
An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attackers to cause a denial of service during parsing of crafted keymap files.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2018-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:04.568Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/842e4351c2c97de6051cab6ce36b4a81e709a0e1"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attackers to cause a denial of service during parsing of crafted keymap files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-06T16:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/842e4351c2c97de6051cab6ce36b4a81e709a0e1"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15856",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attackers to cause a denial of service during parsing of crafted keymap files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201810-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "https://github.com/xkbcommon/libxkbcommon/commit/842e4351c2c97de6051cab6ce36b4a81e709a0e1",
"refsource": "MISC",
"url": "https://github.com/xkbcommon/libxkbcommon/commit/842e4351c2c97de6051cab6ce36b4a81e709a0e1"
},
{
"name": "USN-3786-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html",
"refsource": "MISC",
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
},
{
"name": "RHSA-2019:2079",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15856",
"datePublished": "2018-08-25T21:00:00.000Z",
"dateReserved": "2018-08-24T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:10:04.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15857 (GCVE-0-2018-15857)
Vulnerability from cvelistv5 – Published: 2018-08-25 21:00 – Updated: 2024-08-05 10:10
VLAI?
Summary
An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon keymap parsers or possibly have unspecified other impact by supplying a crafted keymap file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2018-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:04.755Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/c1e5ac16e77a21f87bdf3bc4dea61b037a17dddb"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon keymap parsers or possibly have unspecified other impact by supplying a crafted keymap file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-06T16:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/c1e5ac16e77a21f87bdf3bc4dea61b037a17dddb"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15857",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon keymap parsers or possibly have unspecified other impact by supplying a crafted keymap file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201810-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "USN-3786-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "https://github.com/xkbcommon/libxkbcommon/commit/c1e5ac16e77a21f87bdf3bc4dea61b037a17dddb",
"refsource": "MISC",
"url": "https://github.com/xkbcommon/libxkbcommon/commit/c1e5ac16e77a21f87bdf3bc4dea61b037a17dddb"
},
{
"name": "USN-3786-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html",
"refsource": "MISC",
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
},
{
"name": "RHSA-2019:2079",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15857",
"datePublished": "2018-08-25T21:00:00.000Z",
"dateReserved": "2018-08-24T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:10:04.755Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15861 (GCVE-0-2018-15861)
Vulnerability from cvelistv5 – Published: 2018-08-25 21:00 – Updated: 2024-08-05 10:10
VLAI?
Summary
Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file that triggers an xkb_intern_atom failure.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2018-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:04.497Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/38e1766bc6e20108948aec8a0b222a4bad0254e9"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file that triggers an xkb_intern_atom failure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-06T16:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/38e1766bc6e20108948aec8a0b222a4bad0254e9"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15861",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file that triggers an xkb_intern_atom failure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201810-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html",
"refsource": "MISC",
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "USN-3786-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "https://github.com/xkbcommon/libxkbcommon/commit/38e1766bc6e20108948aec8a0b222a4bad0254e9",
"refsource": "MISC",
"url": "https://github.com/xkbcommon/libxkbcommon/commit/38e1766bc6e20108948aec8a0b222a4bad0254e9"
},
{
"name": "USN-3786-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15861",
"datePublished": "2018-08-25T21:00:00.000Z",
"dateReserved": "2018-08-24T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:10:04.497Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15853 (GCVE-0-2018-15853)
Vulnerability from cvelistv5 – Published: 2018-08-25 21:00 – Updated: 2024-08-05 10:10
VLAI?
Summary
Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon users by supplying a crafted keymap file that triggers boolean negation.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2018-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:04.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/1f9d1248c07cda8aaff762429c0dce146de8632a"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon users by supplying a crafted keymap file that triggers boolean negation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-06T16:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/1f9d1248c07cda8aaff762429c0dce146de8632a"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15853",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon users by supplying a crafted keymap file that triggers boolean negation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201810-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "USN-3786-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html",
"refsource": "MISC",
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
},
{
"name": "https://github.com/xkbcommon/libxkbcommon/commit/1f9d1248c07cda8aaff762429c0dce146de8632a",
"refsource": "MISC",
"url": "https://github.com/xkbcommon/libxkbcommon/commit/1f9d1248c07cda8aaff762429c0dce146de8632a"
},
{
"name": "RHSA-2019:2079",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15853",
"datePublished": "2018-08-25T21:00:00.000Z",
"dateReserved": "2018-08-24T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:10:04.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15858 (GCVE-0-2018-15858)
Vulnerability from cvelistv5 – Published: 2018-08-25 21:00 – Updated: 2024-08-05 10:10
VLAI?
Summary
Unchecked NULL pointer usage when handling invalid aliases in CopyKeyAliasesToKeymap in xkbcomp/keycodes.c in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Date Public ?
2018-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:05.434Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/badb428e63387140720f22486b3acbd3d738859f"
},
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unchecked NULL pointer usage when handling invalid aliases in CopyKeyAliasesToKeymap in xkbcomp/keycodes.c in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-07T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/badb428e63387140720f22486b3acbd3d738859f"
},
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15858",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unchecked NULL pointer usage when handling invalid aliases in CopyKeyAliasesToKeymap in xkbcomp/keycodes.c in xkbcommon before 0.8.1 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/xkbcommon/libxkbcommon/commit/badb428e63387140720f22486b3acbd3d738859f",
"refsource": "MISC",
"url": "https://github.com/xkbcommon/libxkbcommon/commit/badb428e63387140720f22486b3acbd3d738859f"
},
{
"name": "GLSA-201810-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "USN-3786-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html",
"refsource": "MISC",
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039232.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15858",
"datePublished": "2018-08-25T21:00:00.000Z",
"dateReserved": "2018-08-24T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:10:05.434Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15859 (GCVE-0-2018-15859)
Vulnerability from cvelistv5 – Published: 2018-08-25 21:00 – Updated: 2024-08-05 10:10
VLAI?
Summary
Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandled.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2018-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:05.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/bb4909d2d8fa6b08155e449986a478101e2b2634"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandled."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-06T16:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/bb4909d2d8fa6b08155e449986a478101e2b2634"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15859",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201810-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html",
"refsource": "MISC",
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "USN-3786-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "https://github.com/xkbcommon/libxkbcommon/commit/bb4909d2d8fa6b08155e449986a478101e2b2634",
"refsource": "MISC",
"url": "https://github.com/xkbcommon/libxkbcommon/commit/bb4909d2d8fa6b08155e449986a478101e2b2634"
},
{
"name": "USN-3786-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15859",
"datePublished": "2018-08-25T21:00:00.000Z",
"dateReserved": "2018-08-24T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:10:05.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15864 (GCVE-0-2018-15864)
Vulnerability from cvelistv5 – Published: 2018-08-25 21:00 – Updated: 2024-08-05 10:10
VLAI?
Summary
Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because a map access attempt can occur for a map that was never created.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2018-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:04.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/a8ea7a1d3daa7bdcb877615ae0a252c189153bd2"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because a map access attempt can occur for a map that was never created."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-06T16:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201810-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/xkbcommon/libxkbcommon/commit/a8ea7a1d3daa7bdcb877615ae0a252c189153bd2"
},
{
"name": "USN-3786-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15864",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because a map access attempt can occur for a map that was never created."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201810-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201810-05"
},
{
"name": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html",
"refsource": "MISC",
"url": "https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html"
},
{
"name": "https://github.com/xkbcommon/libxkbcommon/commit/a8ea7a1d3daa7bdcb877615ae0a252c189153bd2",
"refsource": "MISC",
"url": "https://github.com/xkbcommon/libxkbcommon/commit/a8ea7a1d3daa7bdcb877615ae0a252c189153bd2"
},
{
"name": "USN-3786-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-1/"
},
{
"name": "USN-3786-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3786-2/"
},
{
"name": "RHSA-2019:2079",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15864",
"datePublished": "2018-08-25T21:00:00.000Z",
"dateReserved": "2018-08-24T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:10:04.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}