Critical Update for Fedora 42: WebKitGTK Fixes Crashes and CVE-2025-13947
fedora
December 17, 2025
Fix seeking and looping of media elements that set the loop property
Summary
WebKitGTK is the port of the WebKit web rendering engine to the
GTK platform.
Update Information:
Fix seeking and looping of media elements that set the loop property. Fix several crashes and rendering issues. Fix CVE-2025-13947, CVE-2025-43458, CVE-2025-66287
Change Log
* Fri Dec 5 2025 Michael Catanzaro
References
[ 1 ] Bug #2418580 - CVE-2025-13947 webkitgtk: WebKitGTK: Remote user-assisted information disclosure via file drag-and-drop [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2418580
[ 2 ] Bug #2418862 - CVE-2025-43458 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2418862
[ 3 ] Bug #2418866 - CVE-2025-66287 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2418866
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-7536d2d941' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: webkitgtk
Product: Fedora 42
Version: 2.50.3
Release: 1.fc42
Summary: GTK web content engine library
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!