VuXML: xkbcomp -- Several vulnerabilities

Affected packages

xkbcomp

1.5.0

Details

VuXML ID	c7187676-d176-11f0-841f-843a4b343614
Discovery	2025-12-03
Entry	2025-12-05

VuXML ID

c7187676-d176-11f0-841f-843a4b343614

Discovery

2025-12-03

Entry

2025-12-05

X.Org reports:

Multiple issues have been found in xkbcomp that have been previously been published as CVEs in libxbkcommon. libxkbcommon is (to some degree) a fork of xkbcomp and some of the code base is identical. These CVEs were published earlier as:

CVE-2018-15853: Endless recursion in xkbcomp/expr.c resulting in a crash

CVE-2018-15859: NULL pointer dereference when parsing invalid atoms in ExprResolveLhs resulting in a crash

CVE-2018-15861: NULL pointer dereference in ExprResolveLhs resulting in a crash

CVE-2018-15863: NULL pointer dereference in ResolveStateAndPredicate resulting in a crash

[source]

CVE Name	CVE-2018-15859
CVE Name	CVE-2018-15861
CVE Name	CVE-2018-15863
CVE Name	CVE-2018-15863
URL	https://cveawg.mitre.org/api/cve/CVE-2018-15859
URL	https://cveawg.mitre.org/api/cve/CVE-2018-15861
URL	https://cveawg.mitre.org/api/cve/CVE-2018-15863
URL	https://cveawg.mitre.org/api/cve/CVE-2018-15863

xkbcomp -- Several vulnerabilities

Details

References