Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Fedora 42 Binaryen Important Buffer Overflow CVE-2025-14956 2026-3831e11232

fedora
Calendar Grey April 30, 2026
Dist Fedora Esm H88
Fixes important CVE-2025-14956 related to buffer overflow in binaryen for Fedora 42.
Fixes CVE-2025-14956 .

Summary

Binaryen is a compiler and toolchain infrastructure library for WebAssembly,

written in C++. It aims to make compiling to WebAssembly easy, fast, and

effective:

* Easy: Binaryen has a simple C API in a single header, and can also be used

from JavaScript. It accepts input in WebAssembly-like form but also accepts

a general control flow graph for compilers that prefer that.

* Fast: Binaryen's internal IR uses compact data structures and is designed for

completely parallel codegen and optimization, using all available CPU cores.

Binaryen's IR also compiles down to WebAssembly extremely easily and quickly

because it is essentially a subset of WebAssembly.

* Effective: Binaryen's optimizer has many passes that can improve code very

significantly (e.g. local coloring to coalesce local variables; dead code

elimination; precomputing expressions when possible at compile time; etc.).

These optimizations aim to make Binaryen powerful enough to be used as a

compiler backend by itself. One specific area of focus is on

WebAssembly-specific optimizations (that general-purpose compilers might not

do), which you can think of as wasm minification , similar to minification for

JavaScript, CSS, etc., all of which are language-specific (an example of such

an optimization is block return value generation in SimplifyLocals).

Update Information:

Fixes CVE-2025-14956 .

Topics%20covered

Topics Covered

security advisory fedora buffer overflow important binaryen cve-2025-14956

Change Log

* Sun Feb 22 2026 Dominik Mierzejewski - 126-1 - update to 126 (resolves rhbz#2439791) - backport upstream fix for https://github.com/WebAssembly/binaryen/issues/8360 * Fri Jan 16 2026 Fedora Release Engineering - 125-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Jan 16 2026 Fedora Release Engineering - 125-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Wed Nov 26 2025 Dominik Mierzejewski - 125-1 - update to 125 (resolves rhbz#2416026) * Sat Sep 27 2025 Dominik Mierzejewski - 124-1 - update to 124 (resolves rhbz#2392739) * Wed Jul 23 2025 Fedora Release Engineering - 123-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Sun Mar 30 2025 Dominik Mierzejewski - 123-1 - update to 123 (resolves rhbz#2354967) * Tue Mar 4 2025 Dominik Mierzejewski - 122-2 - unbundle FP16

References


[ 1 ] Bug #2429126 - CVE-2025-14956 binaryen: heap-based buffer overflow in WasmBinaryReader::readExpression() when parsing a malformed WebAssembly binary [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2429126

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-3831e11232' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: binaryen
Product: Fedora 42
Version: 126
Release: 1.fc42
URL: https://github.com/WebAssembly/binaryen
Summary: Compiler and toolchain infrastructure library for WebAssembly

Topics%20covered

Topics Covered

security advisory fedora buffer overflow important binaryen cve-2025-14956

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here