Alerts This Week
Warning Icon 1 562
Alerts This Week
Warning Icon 1 562

Fedora 43 Cef High Heap Overflow and Use After Free CVE-2026-5273

fedora
Calendar Grey April 16, 2026
Dist Fedora Esm H88
Critical updates for Fedora 43 cef address multiple high severity issues. Stay secure and updated.
Update to 146.0.7680.177 + cef-146.0.11+g8e1262b High CVE-2026-5273: Use after free in CSS High CVE-2026-5272: Heap buffer overflow in GPU High CVE-2026-5274: Integer overflow in C...

Summary

CEF is an embeddable build of Chromium, powered by WebKit (Blink).

Update Information:

Update to 146.0.7680.177 + cef-146.0.11+g8e1262b High CVE-2026-5273: Use after free in CSS High CVE-2026-5272: Heap buffer overflow in GPU High CVE-2026-5274: Integer overflow in Codecs High CVE-2026-5275: Heap buffer overflow in ANGLE High CVE-2026-5276: Insufficient policy enforcement in WebUSB High CVE-2026-5277: Integer overflow in ANGLE High CVE-2026-5278: Use after free in Web MIDI High CVE-2026-5279: Object corruption in V8 High CVE-2026-5280: Use after free in WebCodecs High CVE-2026-5281: Use after free in Dawn High CVE-2026-5282: Out of bounds read in WebCodecs High CVE-2026-5283: Inappropriate implementation in ANGLE High CVE-2026-5284: Use after free in Dawn High CVE-2026-5285: Use after free in WebGL High CVE-2026-5286: Use after free in Dawn High CVE-2026-5287: Use after free in PDF High CVE-2026-5288: Use after free in WebView High CVE-2026-5289: Use after free in Navigation High CVE-2026-5290: Use after free in Compositing Medium CVE-2026-5291: In...

Topics%20covered

Topics Covered

security advisory fedora buffer overflow high heap cef

Change Log

* Wed Apr 15 2026 Hoshino Lina - 146.0.11^chromium146.0.7680.177-1 - Update to cef-146.0.11+g8e1262b * Wed Apr 15 2026 Than Ngo - 146.0.9^chromium146.0.7680.177-1 - Update to 146.0.7680.177 - * High CVE-2026-5273: Use after free in CSS - * High CVE-2026-5272: Heap buffer overflow in GPU - * High CVE-2026-5274: Integer overflow in Codecs - * High CVE-2026-5275: Heap buffer overflow in ANGLE - * High CVE-2026-5276: Insufficient policy enforcement in WebUSB - * High CVE-2026-5277: Integer overflow in ANGLE - * High CVE-2026-5278: Use after free in Web MIDI - * High CVE-2026-5279: Object corruption in V8 - * High CVE-2026-5280: Use after free in WebCodecs - * High CVE-2026-5281: Use after free in Dawn - * High CVE-2026-5282: Out of bounds read in WebCodecs - * High CVE-2026-5283: Inappropriate implementation in ANGLE - * High CVE-2026-5284: Use after free in Dawn - * High CVE-2026-5285: Use after free in WebGL - * High CVE-2026-5286: Use after free in Dawn - * High CVE-2026-5287: Use after free in PDF - * High CVE-2026-5288: Use after free in WebView - * High CVE-2026-5289: Use after free in Navigation - * High CVE-2026-5290: Use after free in Compositing - * Medium CVE-2026-5291: Inappropriate implementation in WebGL - * Medium CVE-2026-5292: Out of bounds read in WebCodecs - removed ppc64le-build-error patch that is merged in upstream * Tue Apr 14 2026 Hoshino Lina - 146.0.9^chromium146.0.7680.164-2 - Fix 136 ABI backwards compat breakage

References


[ 1 ] Bug #2454750 - cef-146.0.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=2454750

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-ffdca48c25' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: cef
Product: Fedora 43
Version: 146.0.11^chromium146.0.7680.177
Release: 2.fc43
URL: https://bitbucket.org/chromiumembedded/cef
Summary: Chromium Embedded Framework

Topics%20covered

Topics Covered

security advisory fedora buffer overflow high heap cef

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here