Alerts This Week
Warning Icon 1 626
Alerts This Week
Warning Icon 1 626

Fedora 44 cef Critical Heap Buffer Overflow Type Confusion 2026-376794abc1

fedora
Calendar Grey March 7, 2026
Dist Fedora Esm H88
Critical update for Fedora 44 cef addressing heap overflow and use after free issues. Essential patches included.
Update to cef-145.0.25 + chromium 145.0.7632.75 CVE-2026-1861: Heap buffer overflow in libvpx CVE-2026-1862: Type Confusion in V8 CVE-2026-2313: Use after free in CSS CVE-2026-2314...

Summary

CEF is an embeddable build of Chromium, powered by WebKit (Blink).

Update Information:

Update to cef-145.0.25 + chromium 145.0.7632.75 CVE-2026-1861: Heap buffer overflow in libvpx CVE-2026-1862: Type Confusion in V8 CVE-2026-2313: Use after free in CSS CVE-2026-2314: Heap buffer overflow in Codecs CVE-2026-2315: Inappropriate implementation in WebGPU CVE-2026-2316: Insufficient policy enforcement in Frames CVE-2026-2317: Inappropriate implementation in Animation CVE-2026-2318: Inappropriate implementation in PictureInPicture CVE-2026-2319: Race in DevTools CVE-2026-2320: Inappropriate implementation in File input CVE-2026-2321: Use after free in Ozone CVE-2026-2322: Inappropriate implementation in File input CVE-2026-2323: Inappropriate implementation in Downloads CVE-2026-2441: Use after free in CSS

Topics%20covered

Topics Covered

security advisory fedora critical heap buffer overflow use-after-free type confusion

Change Log

* Fri Feb 20 2026 Than Ngo - 145.0.25^chromium145.0.7632.75-1 - Update to 145.0.7632.75 - * CVE-2026-2441: Use after free in CSS - Fix FTFS on aarch64/ppc64le caused by missing include file (el9) - Enable rustc_nightly_capability * Fri Feb 20 2026 Than Ngo - 145.0.25^chromium145.0.7632.45-1 - Update to 145.0.7632.45 - * CVE-2026-2313: Use after free in CSS - * CVE-2026-2314: Heap buffer overflow in Codecs - * CVE-2026-2315: Inappropriate implementation in WebGPU - * CVE-2026-2316: Insufficient policy enforcement in Frames - * CVE-2026-2317: Inappropriate implementation in Animation - * CVE-2026-2318: Inappropriate implementation in PictureInPicture - * CVE-2026-2319: Race in DevTools - * CVE-2026-2320: Inappropriate implementation in File input - * CVE-2026-2321: Use after free in Ozone - * CVE-2026-2322: Inappropriate implementation in File input - * CVE-2026-2323: Inappropriate implementation in Downloads - Hoshino Lina: Update to cef-145.0.25+g265860d * Fri Feb 20 2026 Than Ngo - 144.0.11^chromium144.0.7559.132-1 - Update to 144.0.7559.132 - * CVE-2026-1861: Heap buffer overflow in libvpx - * CVE-2026-1862: Type Confusion in V8 - Add BR on esbuild - Disable devtool bundle - Update scripts for downloading the source

References

Fedora Update Notification FEDORA-2026-376794abc1 2026-03-07 00:17:58.501618+00:00 Name : cef Product : Fedora 44 Version : 145.0.25^chromium145.0.7632.75 Release : 4.fc44 URL : https://bitbucket.org/chromiumembedded/cef Summary : Chromium Embedded Framework Description : CEF is an embeddable build of Chromium, powered by WebKit (Blink).

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-376794abc1' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: cef
Product: Fedora 44
Version: 145.0.25^chromium145.0.7632.75
Release: 4.fc44
URL: https://bitbucket.org/chromiumembedded/cef
Summary: Chromium Embedded Framework

Topics%20covered

Topics Covered

security advisory fedora critical heap buffer overflow use-after-free type confusion

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here