Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Fedora 43: Chromium High Heap Buffer Overflow CVEs 2025-37da05914f

fedora
Calendar Grey October 7, 2025
Dist Fedora Esm H88
High severity heap buffer overflows and information leak issues in Fedora 43 Chromium update require immediate action.
Update to 141.0.7390.54 * High CVE-2025-11205: Heap buffer overflow in WebGPU * High CVE-2025-11206: Heap buffer overflow in Video * Medium CVE-2025-11207: Side-channel informat...

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update Information:

Update to 141.0.7390.54 * High CVE-2025-11205: Heap buffer overflow in WebGPU * High CVE-2025-11206: Heap buffer overflow in Video * Medium CVE-2025-11207: Side-channel information leakage in Storage * Medium CVE-2025-11208: Inappropriate implementation in Media * Medium CVE-2025-11209: Inappropriate implementation in Omnibox * Medium CVE-2025-11210: Side-channel information leakage in Tab * Medium CVE-2025-11211: Out of bounds read in Media * Medium CVE-2025-11212: Inappropriate implementation in Media * Medium CVE-2025-11213: Inappropriate implementation in Omnibox * Medium CVE-2025-11215: Off by one error in V8 * Low CVE-2025-11216: Inappropriate implementation in Storage * Low CVE-2025-11219: Use after free in V8

Topics%20covered

Topics Covered

security advisory fedora heap overflow high browser information leakage

Change Log

* Thu Oct 2 2025 Than Ngo - 141.0.7390.54-1 - Update to 141.0.7390.54 * High CVE-2025-11205: Heap buffer overflow in WebGPU * High CVE-2025-11206: Heap buffer overflow in Video * Medium CVE-2025-11207: Side-channel information leakage in Storage * Medium CVE-2025-11208: Inappropriate implementation in Media * Medium CVE-2025-11209: Inappropriate implementation in Omnibox * Medium CVE-2025-11210: Side-channel information leakage in Tab * Medium CVE-2025-11211: Out of bounds read in Media * Medium CVE-2025-11212: Inappropriate implementation in Media * Medium CVE-2025-11213: Inappropriate implementation in Omnibox * Medium CVE-2025-11215: Off by one error in V8 * Low CVE-2025-11216: Inappropriate implementation in Storage * Low CVE-2025-11219: Use after free in V8

References


[ 1 ] Bug #2381730 - DebugInfo packages aren't being produced. https://bugzilla.redhat.com/show_bug.cgi?id=2381730 [ 2 ] Bug #2400095 - Update chromium-141.0.7390.54 major release [fedora-all, epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2400095

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-37da05914f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Name: chromium
Product: Fedora 43
Version: 141.0.7390.54
Release: 1.fc43
URL: http://www.chromium.org/Home
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use

Topics%20covered

Topics Covered

security advisory fedora heap overflow high browser information leakage

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here