Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression. Upstream patch: https://github.com/xkbcommon/libxkbcommon/commit/96df3106d49438e442510c59acad306e94f3db4d References: https://lists.freedesktop.org/archives/wayland-devel/2018-August/039243.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:2079 https://access.redhat.com/errata/RHSA-2019:2079
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2018-15863