Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

Fedora 44 Chromium Critical Heap Overflow Use After Free 2026-7437330b17

fedora
Calendar Grey July 17, 2026
Scroller Fedora
Discover critical updates in Fedora 44 for Chromium addressing various security issues including use after free and heap buffer overflow.
Update to 150.0.7871.124 * CVE-2026-15764: Use after free in Ozone * CVE-2026-15765: Use after free in Ozone * CVE-2026-15766: Uninitialized Use in Skia * CVE-2026-15767: Heap ...

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update Information:

Update to 150.0.7871.124 * CVE-2026-15764: Use after free in Ozone * CVE-2026-15765: Use after free in Ozone * CVE-2026-15766: Uninitialized Use in Skia * CVE-2026-15767: Heap buffer overflow in libyuv * CVE-2026-15768: Insufficient policy enforcement in HTML-in-Canvas * CVE-2026-15769: Insufficient validation of untrusted input in Linux Toolkit Theming * CVE-2026-15770: Uninitialized Use in V8 * CVE-2026-15771: Insufficient validation of untrusted input in Media * CVE-2026-15772: Use after free in GPU * CVE-2026-15773: Use after free in Core * CVE-2026-15774: Use after free in Skia * CVE-2026-15775: Insufficient policy enforcement in V8 * CVE-2026-15776: Type Confusion in V8 * CVE-2026-15777: Use after free in UI * CVE-2026-15778: Insufficient validation of untrusted input in Navigation

Change Log

* Wed Jul 15 2026 Than Ngo - 150.0.7871.124-1 - Update to 150.0.7871.124 * CVE-2026-15764: Use after free in Ozone * CVE-2026-15765: Use after free in Ozone * CVE-2026-15766: Uninitialized Use in Skia * CVE-2026-15767: Heap buffer overflow in libyuv * CVE-2026-15768: Insufficient policy enforcement in HTML-in-Canvas * CVE-2026-15769: Insufficient validation of untrusted input in Linux Toolkit Theming * CVE-2026-15770: Uninitialized Use in V8 * CVE-2026-15771: Insufficient validation of untrusted input in Media * CVE-2026-15772: Use after free in GPU * CVE-2026-15773: Use after free in Core * CVE-2026-15774: Use after free in Skia * CVE-2026-15775: Insufficient policy enforcement in V8 * CVE-2026-15776: Type Confusion in V8 * CVE-2026-15777: Use after free in UI * CVE-2026-15778: Insufficient validation of untrusted input in Navigation - Backport patches to improve auto darkmode

References

Fedora Update Notification FEDORA-2026-7437330b17 2026-07-18 00:26:14.273094+00:00 Name : chromium Product : Fedora 44 Version : 150.0.7871.124 Release : 1.fc44 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink).

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-7437330b17' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: chromium
Product: Fedora 44
Version: 150.0.7871.124
Release: 1.fc44
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.