Fedora 42: 2025-5427adc3f4 critical issues with webkitgtk reported

April 11, 2025
Important Fedora 42 notice regarding webkitgtk, addressing multiple concerns such as DoS and XSS vulnerabilities.

Summary

WebKitGTK is the port of the WebKit web rendering engine to the GTK platform.

Update Information:

Limit the data stored in session state. Remove the empty area below the title bar in Web Inspector when not docked. Fix various crashes and rendering issues.

Change Log

* Wed Apr 2 2025 Michael Catanzaro - 2.48.1-2
- Add patch to fix non-x86, non-ARM build
* Wed Apr 2 2025 Michael Catanzaro - 2.48.1-1
- Update to WebKitGTK 2.48.1

References


[ 1 ] Bug #2357987 - CVE-2024-54551 webkitgtk: Processing web content may lead to a denial-of-service [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2357987
[ 2 ] Bug #2357990 - CVE-2025-24208 webkitgtk: Loading a malicious iframe may lead to a cross-site scripting attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2357990
[ 3 ] Bug #2357993 - CVE-2025-24209 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2357993
[ 4 ] Bug #2357998 - CVE-2025-24216 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2357998
[ 5 ] Bug #2358000 - CVE-2025-24264 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2358000
[ 6 ...

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-5427adc3f4' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity: critical

Name: webkitgtk
Product: Fedora 42
Version: 2.48.1
Release: 2.fc42
Summary: GTK web content engine library
