suse · CVE-2018-15862

Quick triage

Priority: low Published: 2021-05-30 14:16:05 UTC Updated: 2026-04-17 15:18:53 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2018-15862 severity low: SUSE including 327 source package names (0.38.1.5.8.45:libxkbcommon0-0.8.2-3.3.1, 0.38.1:libxkbcommon0-0.8.2-3.3.1, …), 426 product×package rows across 52 product lines (Container suse/sles/15.2/virt-handler, Container suse/sles/15.2/virt-launcher, … (52 product lines)): Known Affected 231, Fixed 170, Known Not Affected 25.

Description:

Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers.

cvelogic Threat Intelligence