NULL Pointer Dereference Vulnerability in xkbcommon's ResolveStateAndPredicate Function

NULL Pointer Dereference Vulnerability in xkbcommon's ResolveStateAndPredicate Function

CVE-2018-15863 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:N/A:P

Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression.

Learn more about our Web Application Penetration Testing UK.