CVE-2018-15853

Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon users by supplying a crafted keymap file that triggers boolean negation.

References

Affected packages

Git / github.com/xkbcommon/libxkbcommon

Affected ranges

Type: GIT
Repo: https://github.com/xkbcommon/libxkbcommon
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

1f9d1248c07cda8aaff762429c0dce146de8632a

Affected versions

xkbcommon-0.*

xkbcommon-0.2.0

xkbcommon-0.3.0

xkbcommon-0.3.1

xkbcommon-0.3.2

xkbcommon-0.4.0

xkbcommon-0.4.1

xkbcommon-0.4.2

xkbcommon-0.4.3

xkbcommon-0.5.0

xkbcommon-0.6.0

xkbcommon-0.6.1

xkbcommon-0.7.0

xkbcommon-0.7.1

xkbcommon-0.7.2

xkbcommon-0.8.0

Database specific

vanir_signatures

[
    {
        "source": "https://github.com/xkbcommon/libxkbcommon/commit/1f9d1248c07cda8aaff762429c0dce146de8632a",
        "id": "CVE-2018-15853-4ce843d1",
        "digest": {
            "line_hashes": [
                "38329813360607004553092467826760994406",
                "182458909361269598744252420272304667328",
                "265924496730946848593345593789483999581",
                "112869328122952996430498009101837060069"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line",
        "target": {
            "file": "src/xkbcomp/expr.c"
        }
    },
    {
        "source": "https://github.com/xkbcommon/libxkbcommon/commit/1f9d1248c07cda8aaff762429c0dce146de8632a",
        "id": "CVE-2018-15853-e0dd6fde",
        "digest": {
            "function_hash": "209006827910055964214525848213169957960",
            "length": 1539.0
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function",
        "target": {
            "function": "ExprResolveBoolean",
            "file": "src/xkbcomp/expr.c"
        }
    }
]