Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 40: FEDORA-2025-762804f16e critical: chromium issues

fedora
Calendar Grey March 8, 2025
Dist Fedora Esm H88
The latest Fedora 40 update tackles significant vulnerabilities found in Chromium, specifically concerning out of bounds reads and deficiencies in restriction measures.
Update to 134.0.6998.35 * CVE-2025-1914: Out of bounds read in V8 * CVE-2025-1915: Improper Limitation of a Pathname to a Restricted Directory in DevTools * CVE-2025-1916: Use a...

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update Information:

Update to 134.0.6998.35 * CVE-2025-1914: Out of bounds read in V8 * CVE-2025-1915: Improper Limitation of a Pathname to a Restricted Directory in DevTools * CVE-2025-1916: Use after free in Profiles * CVE-2025-1917: Inappropriate Implementation in Browser UI * CVE-2025-1918: Out of bounds read in PDFium * CVE-2025-1919: Out of bounds read in Media * CVE-2025-1921: Inappropriate Implementation in Media Stream * CVE-2025-1922: Inappropriate Implementation in Selection * CVE-2025-1923: Inappropriate Implementation in Permission Prompts

Topics%20covered

Topics Covered

security advisory Fedora out of bounds chromium media stream free use improper limitation

Change Log

* Wed Mar 5 2025 Than Ngo - 134.0.6998.35 -1 - Update to 134.0.6998.35 * CVE-2025-1914: Out of bounds read in V8 * CVE-2025-1915: Improper Limitation of a Pathname to a Restricted Directory in DevTools * CVE-2025-1916: Use after free in Profiles * CVE-2025-1917: Inappropriate Implementation in Browser UI * CVE-2025-1918: Out of bounds read in PDFium * CVE-2025-1919: Out of bounds read in Media * CVE-2025-1921: Inappropriate Implementation in Media Stream * CVE-2025-1922: Inappropriate Implementation in Selection * CVE-2025-1923: Inappropriate Implementation in Permission Prompts

References


[ 1 ] Bug #2349973 - CVE-2025-1914 chromium: From CVEorg collector [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2349973 [ 2 ] Bug #2349974 - CVE-2025-1914 chromium: From CVEorg collector [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2349974 [ 3 ] Bug #2350032 - CVE-2025-1921 chromium: Inappropriate implementation in Media Stream [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2350032 [ 4 ] Bug #2350033 - CVE-2025-1921 chromium: Inappropriate implementation in Media Stream [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2350033 [ 5 ] Bug #2350034 - CVE-2025-1918 chromium: Out of bounds read in PDFium [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2350034 [ 6 ] Bug #2350035 - CVE-2025-1918 chromium: Out of bounds read in PDFium [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2350035 [ 7 ] Bug #2350036 - CVE-2025-1923 chromium: Inappropriate implementation in ...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-762804f16e' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: chromium
Product: Fedora 40
Version: 134.0.6998.35
Release: 1.fc40
URL: http://www.chromium.org/Home
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use

Topics%20covered

Topics Covered

security advisory Fedora out of bounds chromium media stream free use improper limitation

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here