Alerts This Week
Warning Icon 1 537
Alerts This Week
Warning Icon 1 537

Fedora 43 CEF Important Update Heap Buffer Type Confusion 2026-0bced5158d

fedora
Calendar Grey March 2, 2026
Dist Fedora Esm H88
Critical updates for Fedora 43 CEF addressing multiple significant flaws, ensuring system integrity and performance.
Update to cef-145.0.25 + chromium 145.0.7632.75 CVE-2026-1861: Heap buffer overflow in libvpx CVE-2026-1862: Type Confusion in V8 CVE-2026-2313: Use after free in CSS CVE-2026-2314...

Summary

CEF is an embeddable build of Chromium, powered by WebKit (Blink).

Update Information:

Update to cef-145.0.25 + chromium 145.0.7632.75 CVE-2026-1861: Heap buffer overflow in libvpx CVE-2026-1862: Type Confusion in V8 CVE-2026-2313: Use after free in CSS CVE-2026-2314: Heap buffer overflow in Codecs CVE-2026-2315: Inappropriate implementation in WebGPU CVE-2026-2316: Insufficient policy enforcement in Frames CVE-2026-2317: Inappropriate implementation in Animation CVE-2026-2318: Inappropriate implementation in PictureInPicture CVE-2026-2319: Race in DevTools CVE-2026-2320: Inappropriate implementation in File input CVE-2026-2321: Use after free in Ozone CVE-2026-2322: Inappropriate implementation in File input CVE-2026-2323: Inappropriate implementation in Downloads CVE-2026-2441: Use after free in CSS

Topics%20covered

Topics Covered

security advisory fedora important type confusion heap buffer webgpu

Change Log

* Fri Feb 20 2026 Than Ngo - 145.0.25^chromium145.0.7632.75-1 - Update to 145.0.7632.75 - * CVE-2026-2441: Use after free in CSS - Fix FTFS on aarch64/ppc64le caused by missing include file (el9) - Enable rustc_nightly_capability * Fri Feb 20 2026 Than Ngo - 145.0.25^chromium145.0.7632.45-1 - Update to 145.0.7632.45 - * CVE-2026-2313: Use after free in CSS - * CVE-2026-2314: Heap buffer overflow in Codecs - * CVE-2026-2315: Inappropriate implementation in WebGPU - * CVE-2026-2316: Insufficient policy enforcement in Frames - * CVE-2026-2317: Inappropriate implementation in Animation - * CVE-2026-2318: Inappropriate implementation in PictureInPicture - * CVE-2026-2319: Race in DevTools - * CVE-2026-2320: Inappropriate implementation in File input - * CVE-2026-2321: Use after free in Ozone - * CVE-2026-2322: Inappropriate implementation in File input - * CVE-2026-2323: Inappropriate implementation in Downloads - Hoshino Lina: Update to cef-145.0.25+g265860d * Fri Feb 20 2026 Than Ngo - 144.0.11^chromium144.0.7559.132-1 - Update to 144.0.7559.132 - * CVE-2026-1861: Heap buffer overflow in libvpx - * CVE-2026-1862: Type Confusion in V8 - Add BR on esbuild - Disable devtool bundle - Update scripts for downloading the source

References

Fedora Update Notification FEDORA-2026-0bced5158d 2026-03-02 00:40:42.980478+00:00 Name : cef Product : Fedora 43 Version : 145.0.25^chromium145.0.7632.75 Release : 4.fc43 URL : https://bitbucket.org/chromiumembedded/cef Summary : Chromium Embedded Framework Description : CEF is an embeddable build of Chromium, powered by WebKit (Blink).

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-0bced5158d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: cef
Product: Fedora 43
Version: 145.0.25^chromium145.0.7632.75
Release: 4.fc43
URL: https://bitbucket.org/chromiumembedded/cef
Summary: Chromium Embedded Framework

Topics%20covered

Topics Covered

security advisory fedora important type confusion heap buffer webgpu

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here