Alerts This Week
Warning Icon 1 975
Alerts This Week
Warning Icon 1 975

Fedora 43 Chromium Important Security Issues Advisory 2026-f9a0af40b2

fedora
Calendar Grey June 23, 2026
Dist Fedora Esm H88
Chromium on Fedora 43 updated to address critical issues with web features and overall browser security.
Update to 149.0.7827.155 CVE-2026-12437: Use after free in WebShare CVE-2026-12438: Inappropriate implementation in WebView CVE-2026-12439: Use after free in Digital Credentials CV...

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update Information:

Update to 149.0.7827.155 CVE-2026-12437: Use after free in WebShare CVE-2026-12438: Inappropriate implementation in WebView CVE-2026-12439: Use after free in Digital Credentials CVE-2026-12440: Use after free in DigitalCredentials CVE-2026-12441: Use after free in File Input CVE-2026-12442: Use after free in Passwords CVE-2026-12443: Use after free in Web Authentication CVE-2026-12444: Out of bounds read in Chromoting CVE-2026-12445: Use after free in Extensions CVE-2026-12446: Insufficient data validation in Passwords CVE-2026-12447: Heap buffer overflow in WebRTC CVE-2026-12448: Inappropriate implementation in WebView CVE-2026-12449: Use after free in Chromoting CVE-2026-12450: Inappropriate implementation in Media CVE-2026-12451: Use after free in DigitalCredentials CVE-2026-12452: Use after free in Downloads CVE-2026-12453: Insufficient validation of untrusted input in Input CVE-2026-12454: Race in Safe Browsing CVE-2026-12455: Use after free in Tab Strip CVE...

Topics%20covered

Topics Covered

security advisory fedora important use-after-free webview webshare

Change Log

* Wed Jun 17 2026 Than Ngo - 149.0.7827.155-1 - Update to 149.0.7827.155 * CVE-2026-12437: Use after free in WebShare * CVE-2026-12438: Inappropriate implementation in WebView * CVE-2026-12439: Use after free in Digital Credentials * CVE-2026-12440: Use after free in DigitalCredentials * CVE-2026-12441: Use after free in File Input * CVE-2026-12442: Use after free in Passwords * CVE-2026-12443: Use after free in Web Authentication * CVE-2026-12444: Out of bounds read in Chromoting * CVE-2026-12445: Use after free in Extensions * CVE-2026-12446: Insufficient data validation in Passwords * CVE-2026-12447: Heap buffer overflow in WebRTC * CVE-2026-12448: Inappropriate implementation in WebView * CVE-2026-12449: Use after free in Chromoting * CVE-2026-12450: Inappropriate implementation in Media * CVE-2026-12451: Use after free in DigitalCredentials * CVE-2026-12452: Use after free in Downloads * CVE-2026-12453: Insufficient validation of untrusted input in Input * CVE-2026-12454: Race in Safe Browsing * CVE-2026-12455: Use after free in Tab Strip * CVE-2026-12456: Insufficient validation of untrusted input in Extensions * CVE-2026-12457: Insufficient data validation in Extensions * CVE-2026-12458: Incorrect security UI in Passwords * CVE-2026-12459: Inappropriate implementation in Serial * CVE-2026-12460: Insufficient policy enforcement in File System Access * CVE-2026-12461: Out of bounds read in WebRTC * CVE-2026-12462: Use after free in Media * CVE-2026-12463: Inappropriate implementation in Views * CVE-2026-12464: Use after free in Browser * CVE-2026-12465: Insufficient validation of untrusted input in Metrics * CVE-2026-12466: Heap buffer overflow in WebRTC * CVE-2026-12467: Use after free in Extensions * CVE-2026-12468: Inappropriate implementation in Updater * CVE-2026-12469: Uninitialized Use in GPU

References


[ 1 ] Bug #2490693 - CVE-2026-12437 CVE-2026-12438 CVE-2026-12439 CVE-2026-12440 CVE-2026-12441 CVE-2026-12442 CVE-2026-12443 CVE-2026-12444 CVE-2026-12445 CVE-2026-12446 CVE-2026-12447 CVE-2026-12448 CVE-2026-12449 CVE-2026-12450 ... chromium: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490693

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-f9a0af40b2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: chromium
Product: Fedora 43
Version: 149.0.7827.155
Release: 1.fc43
URL: http://www.chromium.org/Home
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use

Topics%20covered

Topics Covered

security advisory fedora important use-after-free webview webshare

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here