Mageia Advisory: MGASA-2025-0321 - Updated xkbcomp packages fix security vulnerabilities

Updated xkbcomp packages fix security vulnerabilities

Publication date: 04 Dec 2025
Modification date: 04 Dec 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2018-15853 , CVE-2018-15859 , CVE-2018-15861 , CVE-2018-15863

Description

Endless recursion in xkbcomp/expr.c resulting in a crash.
(CVE-2018-15853)
NULL pointer dereference when parsing invalid atoms in ExprResolveLhs
resulting in a crash. (CVE-2018-15859)
NULL pointer dereference in ExprResolveLhs resulting in a crash.
(CVE-2018-15861)
NULL pointer dereference in ResolveStateAndPredicate resulting in a
crash. (CVE-2018-15863)

References

https://bugs.mageia.org/show_bug.cgi?id=34796
https://www.openwall.com/lists/oss-security/2025/12/03/1
https://www.cve.org/CVERecord?id=CVE-2018-15853
https://www.cve.org/CVERecord?id=CVE-2018-15859
https://www.cve.org/CVERecord?id=CVE-2018-15861
https://www.cve.org/CVERecord?id=CVE-2018-15863

SRPMS

9/core

xkbcomp-1.4.6-1.1.mga9

Advisories » MGASA-2025-0321

Updated xkbcomp packages fix security vulnerabilities

Description

References

SRPMS

9/core