Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 42: cef High Updates for Multiple CVEs FEDORA-2025-313f6d7702

fedora
Calendar Grey November 11, 2025
Dist Fedora Esm H88
High severity updates for Fedora 42's cef framework addressing multiple CVEs including use after free and heap buffer overflow.
Update to 141.0.7390.122 High CVE-2025-12036 chromium: Inappropriate implementation in V8 High CVE-2025-11756: Use after free in Safe Browsing High CVE-2025-11458: Heap buffer over...

Summary

CEF is an embeddable build of Chromium, powered by WebKit (Blink).

Update Information:

Update to 141.0.7390.122 High CVE-2025-12036 chromium: Inappropriate implementation in V8 High CVE-2025-11756: Use after free in Safe Browsing High CVE-2025-11458: Heap buffer overflow in Sync High CVE-2025-11460: Use after free in Storage Medium CVE-2025-11211: Out of bounds read in WebCodecs High CVE-2025-11205: Heap buffer overflow in WebGPU High CVE-2025-11206: Heap buffer overflow in Video Medium CVE-2025-11207: Side-channel information leakage in Storage Medium CVE-2025-11208: Inappropriate implementation in Media Medium CVE-2025-11209: Inappropriate implementation in Omnibox Medium CVE-2025-11210: Side-channel information leakage in Tab Medium CVE-2025-11211: Out of bounds read in Media Medium CVE-2025-11212: Inappropriate implementation in Media Medium CVE-2025-11213: Inappropriate implementation in Omnibox Medium CVE-2025-11215: Off by one error in V8 Low CVE-2025-11216: Inappropriate implementation in Storage Low CVE-2025-11219: Use after free in V8 CVE-2...

Topics%20covered

Topics Covered

security advisory fedora high heap buffer overflow Chromium cef

Change Log

* Thu Oct 30 2025 Than Ngo - 141.0.11^chromium141.0.7390.122-1 - Update to 141.0.7390.122 - * High CVE-2025-12036 chromium: Inappropriate implementation in V8 * Thu Oct 30 2025 Than Ngo - 141.0.11^chromium141.0.7390.107-1 - Update 141.0.7390.107 - * High CVE-2025-11756: Use after free in Safe Browsing * Thu Oct 30 2025 Than Ngo - 141.0.11^chromium141.0.7390.76-1 - Update to 141.0.7390.76 * Thu Oct 30 2025 Than Ngo - 141.0.11^chromium141.0.7390.65-1 - Update to 141.0.7390.65 - * High CVE-2025-11458: Heap buffer overflow in Sync - * High CVE-2025-11460: Use after free in Storage - * Medium CVE-2025-11211: Out of bounds read in WebCodecs - remove 0001-Change-use-of-removed-intrinsic.patch as it is included in 141.0.7390.65 * Thu Oct 30 2025 Than Ngo - 141.0.11^chromium141.0.7390.54-1 - Update to 141.0.7390.54 - * Update to cef-141.0.11+g7e73ac4 (rhbz#2402447) (Asahi Lina) - * High CVE-2025-11205: Heap buffer overflow in WebGPU - * High CVE-2025-11206: Heap buffer overflow in Video - * Medium CVE-2025-11207: Side-channel information leakage in Storage - * Medium CVE-2025-11208: Inappropriate implementation in Media - * Medium CVE-2025-11209: Inappropriate implementation in Omnibox - * Medium CVE-2025-11210: Side-channel information leakage in Tab - * Medium CVE-2025-11211: Out of bounds read in Media - * Medium CVE-2025-11212: Inappropriate implementation in Media - * Medium CVE-2025-11213: Inappropriate implementation in Omnibox - * Medium CVE-2025-11215: Off by one error in V8 - * Low CVE-2025-11216: Inappropriate implementation in Storage - * Low CVE-2025-11219: Use after free in V8 - Refreshed ppc64le patches - Fixed issue with incorrect display of the links on startpage in Darkmode - Fixed FTBFS - error: no member named 'bPsnrY' in 'Source_Picture_s' - Fixed, DebugInfo packages aren't being produced - Refreshed rust-clanglib patch - Fixed FTBFS due to old ffmpeg on Epel9 - Fixed FTBFS - error: invalid application of 'sizeof' to an incomplete type 'blink::CSSStyleSheet' - Fixed FTBFS due to missing header files

References

Fedora Update Notification FEDORA-2025-313f6d7702 2025-11-11 01:25:41.925098+00:00 Name : cef Product : Fedora 42 Version : 141.0.11^chromium141.0.7390.122 Release : 1.fc42 URL : https://bitbucket.org/chromiumembedded/cef Summary : Chromium Embedded Framework Description : CEF is an embeddable build of Chromium, powered by WebKit (Blink).

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-313f6d7702' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: cef
Product: Fedora 42
Version: 141.0.11^chromium141.0.7390.122
Release: 1.fc42
URL: https://bitbucket.org/chromiumembedded/cef
Summary: Chromium Embedded Framework

Topics%20covered

Topics Covered

security advisory fedora high heap buffer overflow Chromium cef

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here