Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Fedora 43 Chromium Critical Heap Buffer Overflow Advisory 2026-d3c82235d4

fedora
Calendar Grey April 22, 2026
Dist Fedora Esm H88
Critical updates for Chromium fix multiple buffer overflows and use-after-free issues. Upgrade for secure browsing.
Update to 147.0.7727.101 Critical CVE-2026-6296: Heap buffer overflow in ANGLE Critical CVE-2026-6297: Use after free in Proxy Critical CVE-2026-6298: Heap buffer overflow in Skia ...

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update Information:

Update to 147.0.7727.101 Critical CVE-2026-6296: Heap buffer overflow in ANGLE Critical CVE-2026-6297: Use after free in Proxy Critical CVE-2026-6298: Heap buffer overflow in Skia Critical CVE-2026-6299: Use after free in Prerender Critical CVE-2026-6358: Use after free in XR High CVE-2026-6359: Use after free in Video High CVE-2026-6300: Use after free in CSS High CVE-2026-6301: Type Confusion in Turbofan High CVE-2026-6302: Use after free in Video High CVE-2026-6303: Use after free in Codecs High CVE-2026-6304: Use after free in Graphite High CVE-2026-6305: Heap buffer overflow in PDFium High CVE-2026-6306: Heap buffer overflow in PDFium High CVE-2026-6307: Type Confusion in Turbofan High CVE-2026-6308: Out of bounds read in Media High CVE-2026-6309: Use after free in Viz High CVE-2026-6360: Use after free in FileSystem High CVE-2026-6310: Use after free in Dawn High CVE-2026-6311: Uninitialized Use in Accessibility High CVE-2026-6312: Insufficient policy enfor...

Topics%20covered

Topics Covered

security advisory fedora critical overflow buffer heap

Change Log

* Wed Apr 15 2026 Than Ngo - 147.0.7727.101-1 - Update to 147.0.7727.101 * Critical CVE-2026-6296: Heap buffer overflow in ANGLE * Critical CVE-2026-6297: Use after free in Proxy * Critical CVE-2026-6298: Heap buffer overflow in Skia * Critical CVE-2026-6299: Use after free in Prerender * Critical CVE-2026-6358: Use after free in XR * High CVE-2026-6359: Use after free in Video * High CVE-2026-6300: Use after free in CSS * High CVE-2026-6301: Type Confusion in Turbofan * High CVE-2026-6302: Use after free in Video * High CVE-2026-6303: Use after free in Codecs * High CVE-2026-6304: Use after free in Graphite * High CVE-2026-6305: Heap buffer overflow in PDFium * High CVE-2026-6306: Heap buffer overflow in PDFium * High CVE-2026-6307: Type Confusion in Turbofan * High CVE-2026-6308: Out of bounds read in Media * High CVE-2026-6309: Use after free in Viz * High CVE-2026-6360: Use after free in FileSystem * High CVE-2026-6310: Use after free in Dawn * High CVE-2026-6311: Uninitialized Use in Accessibility * High CVE-2026-6312: Insufficient policy enforcement in Passwords * High CVE-2026-6313: Insufficient policy enforcement in CORS * High CVE-2026-6314: Out of bounds write in GPU * High CVE-2026-6315: Use after free in Permissions * High CVE-2026-6316: Use after free in Forms * High CVE-2026-6361: Heap buffer overflow in PDFium * High CVE-2026-6362: Use after free in Codecs * High CVE-2026-6317: Use after free in Cast * Medium CVE-2026-6363: Type Confusion in V8 * Medium CVE-2026-6318: Use after free in Codecs * Medium CVE-2026-6319: Use after free in Payments * Medium CVE-2026-6364: Out of bounds read in Skia * Thu Apr 9 2026 Than Ngo - 147.0.7727.55-1 - Update to 147.0.7727.55 * Critical CVE-2026-5858: Heap buffer overflow in WebML * Critical CVE-2026-5859: Integer overflow in WebML * High CVE-2026-5860: Use after free in WebRTC * High CVE-2026-5861: Use after free in V8 * High CVE-2026-5862: Inappropriate implementation in V8 * High CVE-2026-5863: Inappropriate implementation in V8 * High CVE-2026-5864: Heap buffer overflow in WebAudio * High CVE-2026-5865: Type Confusion in V8 * High CVE-2026-5866: Use after free in Media * High CVE-2026-5867: Heap buffer overflow in WebML * High CVE-2026-5868: Heap buffer overflow in ANGLE * High CVE-2026-5869: Heap buffer overflow in WebML * High CVE-2026-5870: Integer overflow in Skia * High CVE-2026-5871: Type Confusion in V8 * High CVE-2026-5872: Use after free in Blink * High CVE-2026-5873: Out of bounds read and write in V8 * Medium CVE-2026-5874: Use after free in PrivateAI * Medium CVE-2026-5875: Policy bypass in Blink * Medium CVE-2026-5876: Side-channel information leakage in Navigation * Medium CVE-2026-5877: Use after free in Navigation * Medium CVE-2026-5878: Incorrect security UI in Blink * Medium CVE-2026-5879: Insufficient validation of untrusted input in ANGLE * Medium CVE-2026-5880: Incorrect security UI in browser UI * Medium CVE-2026-5881: Policy bypass in LocalNetworkAccess * Medium CVE-2026-5882: Incorrect security UI in Fullscreen * Medium CVE-2026-5883: Use after free in Media * Medium CVE-2026-5884: Insufficient validation of untrusted input in Media * Medium CVE-2026-5885: Insufficient validation of untrusted input in WebML * Medium CVE-2026-5886: Out of bounds read in WebAudio * Medium CVE-2026-5887: Insufficient validation of untrusted input in Downloads * Medium CVE-2026-5888: Uninitialized Use in WebCodecs * Medium CVE-2026-5889: Cryptographic Flaw in PDFium * Medium CVE-2026-5890: Race in WebCodecs * Medium CVE-2026-5891: Insufficient policy enforcement in browser UI * Medium CVE-2026-5892: Insufficient policy enforcement in PWAs * Medium CVE-2026-5893: Race in V8 * Low CVE-2026-5894: Inappropriate implementation in PDF * Low CVE-2026-5895: Incorrect security UI in Omnibox * Low CVE-2026-5896: Policy bypass in Audio * Low CVE-2026-5897: Incorrect security UI in Downloads * Low CVE-2026-5898: Incorrect security UI in Omnibox * Low CVE-2026-5899: Incorrect security UI in History Navigation * Low CVE-2026-5900: Policy bypass in Downloads * Low CVE-2026-5901: Policy bypass in DevTools * Low CVE-2026-5902: Race in Media * Low CVE-2026-5903: Policy bypass in IFrameSandbox * Low CVE-2026-5904: Use after free in V8 * Low CVE-2026-5905: Incorrect security UI in Permissions * Low CVE-2026-5906: Incorrect security UI in Omnibox * Low CVE-2026-5907: Insufficient data validation in Media * Low CVE-2026-5908: Integer overflow in Media * Low CVE-2026-5909: Integer overflow in Media * Low CVE-2026-5910: Integer overflow in Media * Low CVE-2026-5911: Policy bypass in ServiceWorkers * Low CVE-2026-5912: Integer overflow in WebRTC * Low CVE-2026-5913: Out of bounds read in Blink * Low CVE-2026-5914: Type Confusion in CSS * Low CVE-2026-5915: Insufficient validation of untrusted input in WebML * Low CVE-2026-5918: Inappropriate implementation in Navigation * Low CVE-2026-5919: Insufficient validation of untrusted input in WebSockets

References


[ 1 ] Bug #2458847 - CVE-2026-6296 CVE-2026-6297 CVE-2026-6298 CVE-2026-6300 CVE-2026-6301 CVE-2026-6302 CVE-2026-6305 CVE-2026-6306 CVE-2026-6307 CVE-2026-6318 CVE-2026-6319 CVE-2026-6358 CVE-2026-6359 CVE-2026-6360 CVE-2026-6362 chromium: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2458847 [ 2 ] Bug #2458848 - CVE-2026-6296 CVE-2026-6297 CVE-2026-6298 CVE-2026-6300 CVE-2026-6301 CVE-2026-6302 CVE-2026-6305 CVE-2026-6306 CVE-2026-6307 CVE-2026-6318 CVE-2026-6319 CVE-2026-6358 CVE-2026-6359 CVE-2026-6360 CVE-2026-6362 chromium: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2458848

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-d3c82235d4' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: chromium
Product: Fedora 43
Version: 147.0.7727.101
Release: 1.fc43
URL: http://www.chromium.org/Home
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use

Topics%20covered

Topics Covered

security advisory fedora critical overflow buffer heap

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here