Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 42 chromium critical: CVE-2025-6555, 6556, 6557 issues

fedora
Calendar Grey June 30, 2025
Dist Fedora Esm H88
Upgrade Chromium on Fedora 42 to address severe vulnerabilities such as use-after-free bugs and inadequate data checks.
Update to 138.0.7204.49 CVE-2025-6555: Use after free in Animation CVE-2025-6556: Insufficient policy enforcement in Loader CVE-2025-6557: Insufficient data validation in DevTools

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update Information:

Update to 138.0.7204.49 CVE-2025-6555: Use after free in Animation CVE-2025-6556: Insufficient policy enforcement in Loader CVE-2025-6557: Insufficient data validation in DevTools

Topics%20covered

Topics Covered

security advisory fedora important data validation animation issue loader enforcement

Change Log

* Tue Jun 24 2025 Than Ngo - 138.0.7204.49-1 - Update to 138.0.7204.49 * CVE-2025-6555: Use after free in Animation * CVE-2025-6556: Insufficient policy enforcement in Loader * CVE-2025-6557: Insufficient data validation in DevTools

References


[ 1 ] Bug #2374686 - CVE-2025-6555 chromium: Chromium use after free vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2374686 [ 2 ] Bug #2374687 - CVE-2025-6557 chromium: Chromium data validation vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2374687 [ 3 ] Bug #2374688 - CVE-2025-6556 chromium: Chromium policy enforcement vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2374688 [ 4 ] Bug #2374689 - CVE-2025-6555 chromium: Chromium use after free vulnerability [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2374689 [ 5 ] Bug #2374690 - CVE-2025-6556 chromium: Chromium policy enforcement vulnerability [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2374690 [ 6 ] Bug #2374691 - CVE-2025-6557 chromium: Chromium data validation vulnerability [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2374691

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-1a665fa5c8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: chromium
Product: Fedora 42
Version: 138.0.7204.49
Release: 1.fc42
URL: http://www.chromium.org/Home
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use

Topics%20covered

Topics Covered

security advisory fedora important data validation animation issue loader enforcement

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here