Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 665702 (CVE-2018-15853, CVE-2018-15854, CVE-2018-15855, CVE-2018-15856, CVE-2018-15857, CVE-2018-15858, CVE-2018-15859, CVE-2018-15861, CVE-2018-15862, CVE-2018-15863, CVE-2018-15864) - <x11-libs/libxkbcommon-0.8.2: multiple vulnerabilities (CVE-2018-{15853,15854,15855,15856,15857,15858,15859,15861,15862,15863,15864})
Summary: <x11-libs/libxkbcommon-0.8.2: multiple vulnerabilities (CVE-2018-{15853,15854...
Status: RESOLVED FIXED
Alias: CVE-2018-15853, CVE-2018-15854, CVE-2018-15855, CVE-2018-15856, CVE-2018-15857, CVE-2018-15858, CVE-2018-15859, CVE-2018-15861, CVE-2018-15862, CVE-2018-15863, CVE-2018-15864
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: A3 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2018-09-11 12:02 UTC by GLSAMaker/CVETool Bot
Modified: 2018-11-01 19:07 UTC (History)
0 users

See Also:
Package list:
x11-libs/libxkbcommon-0.8.2
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2018-09-11 12:02:07 UTC
CVE-2018-15864 (https://nvd.nist.gov/vuln/detail/CVE-2018-15864):
  Unchecked NULL pointer usage in resolve_keysym in xkbcomp/parser.y in
  xkbcommon before 0.8.2 could be used by local attackers to crash (NULL
  pointer dereference) the xkbcommon parser by supplying a crafted keymap
  file, because a map access attempt can occur for a map that was never
  created.

CVE-2018-15863 (https://nvd.nist.gov/vuln/detail/CVE-2018-15863):
  Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c
  in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL
  pointer dereference) the xkbcommon parser by supplying a crafted keymap file
  with a no-op modmask expression.

CVE-2018-15862 (https://nvd.nist.gov/vuln/detail/CVE-2018-15862):
  Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon
  before 0.8.2 could be used by local attackers to crash (NULL pointer
  dereference) the xkbcommon parser by supplying a crafted keymap file with
  invalid virtual modifiers.

CVE-2018-15861 (https://nvd.nist.gov/vuln/detail/CVE-2018-15861):
  Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in
  xkbcommon before 0.8.2 could be used by local attackers to crash (NULL
  pointer dereference) the xkbcommon parser by supplying a crafted keymap file
  that triggers an xkb_intern_atom failure.

CVE-2018-15859 (https://nvd.nist.gov/vuln/detail/CVE-2018-15859):
  Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in
  xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to
  crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted
  keymap file, because lookup failures are mishandled.

CVE-2018-15858 (https://nvd.nist.gov/vuln/detail/CVE-2018-15858):
  Unchecked NULL pointer usage when handling invalid aliases in
  CopyKeyAliasesToKeymap in xkbcomp/keycodes.c in xkbcommon before 0.8.1 could
  be used by local attackers to crash (NULL pointer dereference) the xkbcommon
  parser by supplying a crafted keymap file.

CVE-2018-15857 (https://nvd.nist.gov/vuln/detail/CVE-2018-15857):
  An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in
  xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon
  keymap parsers or possibly have unspecified other impact by supplying a
  crafted keymap file.

CVE-2018-15856 (https://nvd.nist.gov/vuln/detail/CVE-2018-15856):
  An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the
  keymap parser) in xkbcommon before 0.8.1 could be used by local attackers to
  cause a denial of service during parsing of crafted keymap files.

CVE-2018-15855 (https://nvd.nist.gov/vuln/detail/CVE-2018-15855):
  Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by
  local attackers to crash (NULL pointer dereference) the xkbcommon parser by
  supplying a crafted keymap file, because the XkbFile for an xkb_geometry
  section was mishandled.

CVE-2018-15854 (https://nvd.nist.gov/vuln/detail/CVE-2018-15854):
  Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by
  local attackers to crash (NULL pointer dereference) the xkbcommon parser by
  supplying a crafted keymap file, because geometry tokens were desupported
  incorrectly.

CVE-2018-15853 (https://nvd.nist.gov/vuln/detail/CVE-2018-15853):
  Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon
  before 0.8.1, which could be used by local attackers to crash xkbcommon
  users by supplying a crafted keymap file that triggers boolean negation.
Comment 1 Thomas Deutschmann gentoo-dev Security 2018-09-11 12:05:01 UTC
@ maintainer(s): Can we start stabilization of =x11-libs/libxkbcommon-0.8.2?
Comment 2 Matt Turner gentoo-dev 2018-09-11 15:31:42 UTC
Yes, let's proceed.
Comment 3 Matt Turner gentoo-dev 2018-09-11 20:57:29 UTC
ppc/ppc64 stable
Comment 4 Thomas Deutschmann gentoo-dev Security 2018-09-12 20:48:33 UTC
x86 stable
Comment 5 Agostino Sarubbo gentoo-dev 2018-09-13 14:47:03 UTC
amd64 stable
Comment 6 Tobias Klausmann gentoo-dev 2018-09-14 12:39:41 UTC
Stable on alpha.
Comment 7 Sergei Trofimovich gentoo-dev 2018-09-15 21:50:53 UTC
hppa stable
Comment 8 Sergei Trofimovich gentoo-dev 2018-09-15 21:52:08 UTC
ia64 stable
Comment 9 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2018-09-16 07:54:32 UTC
arm and s390 stable
Comment 10 Matt Turner gentoo-dev 2018-09-16 15:43:12 UTC
Vulnerable versions dropped
Comment 11 Matt Turner gentoo-dev 2018-10-06 12:37:33 UTC
security@?
Comment 12 Thomas Deutschmann gentoo-dev Security 2018-10-14 16:57:57 UTC
New GLSA request filed.
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2018-10-30 21:05:28 UTC
This issue was resolved and addressed in
 GLSA 201810-05 at https://security.gentoo.org/glsa/201810-05
by GLSA coordinator Thomas Deutschmann (whissi).
Comment 14 Larry the Git Cow gentoo-dev 2018-11-01 19:07:13 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3122a89072702de4d437c8bd6472fc3ca9bd60ac

commit 3122a89072702de4d437c8bd6472fc3ca9bd60ac
Author:     Rolf Eike Beer <eike@sf-mail.de>
AuthorDate: 2018-11-01 16:57:49 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-11-01 19:07:01 +0000

    x11-libs/libxkbcommon: stable 0.8.2 for sparc
    
    Bug: https://bugs.gentoo.org/665702
    Signed-off-by: Rolf Eike Beer <eike@sf-mail.de>
    Package-Manager: Portage-2.3.49, Repoman-2.3.11
    RepoMan-Options: --include-arches="sparc"
    Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>

 x11-libs/libxkbcommon/libxkbcommon-0.8.2.ebuild | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)