View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2018-15856 severity low: SUSE including 338 source package names (0.38.1.5.8.45:libxkbcommon0-0.8.2-3.3.1, 0.38.1:libxkbcommon0-0.8.2-3.3.1, …), 437 product×package rows across 53 product lines (Container suse/sles/15.2/virt-handler, Container suse/sles/15.2/virt-launcher, … (53 product lines)): Known Affected 231, Fixed 181, Known Not Affected 25.
An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attackers to cause a denial of service during parsing of crafted keymap files.