vulnerability
CentOS Linux: CVE-2018-15864: Moderate: Xorg security and bug fix update (CESA-2019:2079)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:N/I:N/A:P) | Aug 25, 2018 | Aug 28, 2019 | May 25, 2023 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:N/I:N/A:P)
Published
Aug 25, 2018
Added
Aug 28, 2019
Modified
May 25, 2023
Description
Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because a map access attempt can occur for a map that was never created.
Solution(s)
centos-upgrade-gdmcentos-upgrade-gdm-debuginfocentos-upgrade-gdm-develcentos-upgrade-gdm-pam-extensions-develcentos-upgrade-libx11centos-upgrade-libx11-commoncentos-upgrade-libx11-debuginfocentos-upgrade-libx11-develcentos-upgrade-libxkbcommoncentos-upgrade-libxkbcommon-debuginfocentos-upgrade-libxkbcommon-develcentos-upgrade-libxkbcommon-x11centos-upgrade-libxkbcommon-x11-develcentos-upgrade-mesa-libglwcentos-upgrade-mesa-libglw-debuginfocentos-upgrade-mesa-libglw-develcentos-upgrade-xorg-x11-drv-aticentos-upgrade-xorg-x11-drv-ati-debuginfocentos-upgrade-xorg-x11-drv-vesacentos-upgrade-xorg-x11-drv-vesa-debuginfocentos-upgrade-xorg-x11-drv-wacomcentos-upgrade-xorg-x11-drv-wacom-debuginfocentos-upgrade-xorg-x11-drv-wacom-develcentos-upgrade-xorg-x11-server-commoncentos-upgrade-xorg-x11-server-debuginfocentos-upgrade-xorg-x11-server-develcentos-upgrade-xorg-x11-server-sourcecentos-upgrade-xorg-x11-server-xdmxcentos-upgrade-xorg-x11-server-xephyrcentos-upgrade-xorg-x11-server-xnestcentos-upgrade-xorg-x11-server-xorgcentos-upgrade-xorg-x11-server-xvfbcentos-upgrade-xorg-x11-server-xwayland
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.