suse · CVE-2018-15863

Quick triage

Priority: low Published: 2021-05-30 14:16:06 UTC Updated: 2026-04-17 15:18:52 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2018-15863 severity low: SUSE including 342 source package names (0.38.1.5.8.45:libxkbcommon0-0.8.2-3.3.1, 0.38.1:libxkbcommon0-0.8.2-3.3.1, …), 623 product×package rows across 175 product lines (Container suse/sl-micro/6.0/base-os-container, Container suse/sl-micro/6.0/toolbox, … (175 product lines)): Fixed 365, Known Affected 231, Known Not Affected 25, First Fixed 2.

Description:

Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression.

cvelogic Threat Intelligence