Fedora 40: FEDORA-2025-4c65803ea6 critical: chromium memory access issues
fedora
January 18, 2025
Update to 132.0.6834.83 * High CVE-2025-0434: Out of bounds memory access in V8 * High CVE-2025-0435: Inappropriate implementation in Navigation * High CVE-2025-0436: Integer ov...
Summary
Chromium is an open-source web browser, powered by WebKit (Blink).
Update Information:
Update to 132.0.6834.83 * High CVE-2025-0434: Out of bounds memory access in V8 * High CVE-2025-0435: Inappropriate implementation in Navigation * High CVE-2025-0436: Integer overflow in Skia * High CVE-2025-0437: Out of bounds read in Metrics * High CVE-2025-0438: Stack buffer overflow in Tracing * Medium CVE-2025-0439: Race in Frames * Medium CVE-2025-0440: Inappropriate implementation in Fullscreen * Medium CVE-2025-0441: Inappropriate implementation in Fenced * Medium CVE-2025-0442: Inappropriate implementation in Payments * Medium CVE-2025-0443: Insufficient data validation in Extensions * Low CVE-2025-0446: Inappropriate implementation in Extensions * Low CVE-2025-0447: Inappropriate implementation in Navigation * Low CVE-2025-0448: Inappropriate implementation in Compositing
Change Log
* Wed Jan 15 2025 Than Ngo
References
[ 1 ] Bug #2336836 - CVE-2025-0291 chromium: Type Confusion in V8 [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2336836
[ 2 ] Bug #2336837 - CVE-2025-0291 chromium: Type Confusion in V8 [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2336837
[ 3 ] Bug #2338180 - CVE-2025-0437 chromium: Out of bounds read in Metrics [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2338180
[ 4 ] Bug #2338181 - CVE-2025-0437 chromium: Out of bounds read in Metrics [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2338181
[ 5 ] Bug #2338200 - CVE-2025-0438 chromium: Stack buffer overflow in Tracing [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2338200
[ 6 ] Bug #2338218 - CVE-2025-0434 chromium: Out of bounds memory access in V8 [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2338218
[ 7 ] Bug #2338230 - CVE-2025-0436 chromium: From CVEorg collector [fedora-all]
https://bug...
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-4c65803ea6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: chromium
Product: Fedora 40
Version: 132.0.6834.83
Release: 1.fc40
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!