View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2018-15862 severity low: SUSE including 327 source package names (0.38.1.5.8.45:libxkbcommon0-0.8.2-3.3.1, 0.38.1:libxkbcommon0-0.8.2-3.3.1, …), 426 product×package rows across 52 product lines (Container suse/sles/15.2/virt-handler, Container suse/sles/15.2/virt-launcher, … (52 product lines)): Known Affected 231, Fixed 170, Known Not Affected 25.
Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers.