Fixed
Created: Oct 30, 2018
Updated: Jan 31, 2023
Resolved Date: Jan 31, 2023
Found In Version: unknown
Severity: Standard
Applicable for: Wind River Linux LTS 18
Component/s: Userspace
Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within File Manager, leading to an out-of-bounds read and SEGV. This could potentially be exploited by an arbitrary local user who creates files in /tmp before the victim uses this input method.
https://nvd.nist.gov/vuln/detail/CVE-2018-18398