Alerts This Week
Warning Icon 1 1,213
Alerts This Week
Warning Icon 1 1,213

Fedora 41: chromium CVE-2025-7656, 7657, 6558 Critical Alerts

fedora
Calendar Grey July 19, 2025
Dist Fedora Esm H88
CVE-2025-7634, 7635, and 6547 in Fedora’s Firefox browser, focusing on significant security enhancements and vulnerabilities.
Update to 138.0.7204.157 * CVE-2025-7656: Integer overflow in V8 * CVE-2025-7657: Use after free in WebRTC * CVE-2025-6558: Incorrect validation of untrusted input in ANGLE and ...

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update Information:

Update to 138.0.7204.157 * CVE-2025-7656: Integer overflow in V8 * CVE-2025-7657: Use after free in WebRTC * CVE-2025-6558: Incorrect validation of untrusted input in ANGLE and GPU

Topics%20covered

Topics Covered

security advisory fedora integer overflow use-after-free Chromium insufficient validation

Change Log

* Wed Jul 16 2025 Than Ngo - 138.0.7204.157-1 - Update to 138.0.7204.157 * CVE-2025-7656: Integer overflow in V8 * CVE-2025-7657: Use after free in WebRTC * CVE-2025-6558: Incorrect validation of untrusted input in ANGLE and GPU * Fri Jul 11 2025 Tom Stellard -138.0.7204.100-2 - Update rust-clanglib patch for clang 21

References


[ 1 ] Bug #2376010 - CVE-2025-34092 chromium: Chrome Cookie Key Exposure [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2376010 [ 2 ] Bug #2380352 - CVE-2025-7657 chromium: Chromium use after free [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2380352 [ 3 ] Bug #2380353 - CVE-2025-7656 chromium: Chromium integer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2380353 [ 4 ] Bug #2380354 - CVE-2025-6558 chromium: Chromium insufficient validation [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2380354 [ 5 ] Bug #2380355 - CVE-2025-7656 chromium: Chromium integer overflow [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2380355 [ 6 ] Bug #2380356 - CVE-2025-7657 chromium: Chromium use after free [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2380356 [ 7 ] Bug #2380357 - CVE-2025-6558 chromium: Chromium insufficient validation [fedora-all] https://...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-3c3f7d86db' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: chromium
Product: Fedora 41
Version: 138.0.7204.157
Release: 1.fc41
URL: http://www.chromium.org/Home
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use

Topics%20covered

Topics Covered

security advisory fedora integer overflow use-after-free Chromium insufficient validation

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here