Alerts This Week
Warning Icon 1 535
Alerts This Week
Warning Icon 1 535

Fedora 41: Chromium High Heap Buffer Overflows Advisories 2025-2d4d91b00a

fedora
Calendar Grey October 9, 2025
Dist Fedora Esm H88
Critical updates for Fedora 41 Chromium address significant heap overflow risks. Details on updates and installation instructions.
Update to 141.0.7390.54 * High CVE-2025-11205: Heap buffer overflow in WebGPU * High CVE-2025-11206: Heap buffer overflow in Video * Medium CVE-2025-11207: Side-channel informat...

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update Information:

Update to 141.0.7390.54 * High CVE-2025-11205: Heap buffer overflow in WebGPU * High CVE-2025-11206: Heap buffer overflow in Video * Medium CVE-2025-11207: Side-channel information leakage in Storage * Medium CVE-2025-11208: Inappropriate implementation in Media * Medium CVE-2025-11209: Inappropriate implementation in Omnibox * Medium CVE-2025-11210: Side-channel information leakage in Tab * Medium CVE-2025-11211: Out of bounds read in Media * Medium CVE-2025-11212: Inappropriate implementation in Media * Medium CVE-2025-11213: Inappropriate implementation in Omnibox * Medium CVE-2025-11215: Off by one error in V8 * Low CVE-2025-11216: Inappropriate implementation in Storage * Low CVE-2025-11219: Use after free in V8

Topics%20covered

Topics Covered

security advisory fedora heap overflow high web browser informational

Change Log

* Thu Oct 2 2025 Than Ngo - 141.0.7390.54-1 - Update to 141.0.7390.54 * High CVE-2025-11205: Heap buffer overflow in WebGPU * High CVE-2025-11206: Heap buffer overflow in Video * Medium CVE-2025-11207: Side-channel information leakage in Storage * Medium CVE-2025-11208: Inappropriate implementation in Media * Medium CVE-2025-11209: Inappropriate implementation in Omnibox * Medium CVE-2025-11210: Side-channel information leakage in Tab * Medium CVE-2025-11211: Out of bounds read in Media * Medium CVE-2025-11212: Inappropriate implementation in Media * Medium CVE-2025-11213: Inappropriate implementation in Omnibox * Medium CVE-2025-11215: Off by one error in V8 * Low CVE-2025-11216: Inappropriate implementation in Storage * Low CVE-2025-11219: Use after free in V8

References


[ 1 ] Bug #2381730 - DebugInfo packages aren't being produced. https://bugzilla.redhat.com/show_bug.cgi?id=2381730 [ 2 ] Bug #2400095 - Update chromium-141.0.7390.54 major release [fedora-all, epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2400095

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-2d4d91b00a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Name: chromium
Product: Fedora 41
Version: 141.0.7390.54
Release: 1.fc41
URL: http://www.chromium.org/Home
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use

Topics%20covered

Topics Covered

security advisory fedora heap overflow high web browser informational

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here