Invalid Free Vulnerability in xkbcommon Keymap Parsers

Invalid Free Vulnerability in xkbcommon Keymap Parsers

CVE-2018-15857 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash xkbcommon keymap parsers or possibly have unspecified other impact by supplying a crafted keymap file.

Learn more about our Web Application Penetration Testing UK.