Debian: WebKitGTK Critical Process Crash Issues DSA-6042-1 CVE-2025-43272
debian
October 28, 2025
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2025-43272 Big Bear discovered that processing maliciously crafted web content may lead to an un...
Topics Covered
Summary
CVE-2025-43272
Big Bear discovered that processing maliciously crafted web
content may lead to an unexpected process crash.
CVE-2025-43342
An anonymous researcher discovered that processing maliciously
crafted web content may lead to an unexpected process crash.
CVE-2025-43343
An anonymous researcher discovered that processing maliciously
crafted web content may lead to an unexpected process crash.
CVE-2025-43356
Jaydev Ahire discovered that a website may be able to access
sensor information without user consent.
CVE-2025-43368
Pawel Wylecial discovered that processing maliciously crafted web
content may lead to an unexpected process crash.
This WebKitGTK update causes a compatibility problem with older
versions of Evolution when handling e-mail attachments. For this
reason, fixed versions of Evolution have also been released along with
this WebKitGTK update.
For the oldstable distribution (bookworm), these problems have been fixed
in version 2.50.1-1~deb12u1.
For...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: webkit2gtk
CVE ID: CVE-2025-43272 CVE-2025-43342 CVE-2025-43343 CVE-2025-43356
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!