Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 42:webkitgtk Crucial Update Addressing Process Crash CVE-2025-43272

fedora
Calendar Grey September 25, 2025
Dist Fedora Esm H88
Fedora 42's latest update enhances webkitgtk 2.50.0 security by fixing critical rendering vulnerabilities, improving web performance, and optimizing resource usage
Update to 2.50.0: Improved rendering performance by recording each layer once and replaying every dirty region in different worker threads

Summary

WebKitGTK is the port of the WebKit web rendering engine to the

GTK platform.

Update Information:

Update to 2.50.0: Improved rendering performance by recording each layer once and replaying every dirty region in different worker threads. Enable damage propagation to the UI process by default. CSS property font-variant-emoji is now enabled by default. Font synthesis properties (bold/italic) are now properly handled. Ensure web view is focused on tap gesture. Added new API to get the theme color of a WebKitWebView. Fix CVE-2025-43272, CVE-2025-43342, CVE-2025-43356, CVE-2025-43368

Topics%20covered

Topics Covered

security advisory fedora important webkitgtk process crash unexpected behavior

Change Log

* Fri Sep 19 2025 Michael Catanzaro - 2.50.0-1 - Update to 2.50.0

References


[ 1 ] Bug #2397882 - CVE-2025-43368 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2397882 [ 2 ] Bug #2397887 - CVE-2025-43356 webkitgtk: A website may be able to access sensor information without user consent [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2397887 [ 3 ] Bug #2397892 - CVE-2025-43342 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2397892 [ 4 ] Bug #2397897 - CVE-2025-43272 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2397897

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-fcc043d407' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: webkitgtk
Product: Fedora 42
Version: 2.50.0
Release: 1.fc42
URL: https://www.webkitgtk.org/
Summary: GTK web content engine library

Topics%20covered

Topics Covered

security advisory fedora important webkitgtk process crash unexpected behavior

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here