Alerts This Week
Warning Icon 1 717
Alerts This Week
Warning Icon 1 717

Mageia: webkit2 Important Code Exec Process Crash Fix MGASA-2025-0291

mageia
Calendar Grey November 14, 2025
Dist Mageia Esm H88
Updated webkit2 packages in Mageia fix critical threats and improve stability. Essential patch for safe browsing.
MGASA-2025-0291 - Updated webkit2 packages fix security vulnerabilities

Summary

Description: CVE-2024-27838 A maliciously crafted webpage may be able to fingerprint the user. Description: The issue was addressed by adding additional logic. CVE-2024-27851 Processing maliciously crafted web content may lead to arbitrary code execution. Description: The issue was addressed with improved bounds checks. CVE-2024-40776 Processing maliciously crafted web content may lead to an unexpected process crash. Description: A use-after-free issue was addressed with improved memory management. CVE-2024-40779 / CVE-2024-40780 Processing maliciously crafted web content may lead to an unexpected process crash. Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2024-40782 Processing maliciously crafted web content may lead to an unexpected process crash. Description: A use-after-free issue was addressed with improved memory management. CVE-2024-40789 Processing maliciously crafted web content may lead to an unexpected process crash. Description: An ...

References

- https://bugs.mageia.org/show_bug.cgi?id=33513

- https://webkitgtk.org/release/webkitgtk-2.44.4.html

- https://webkitgtk.org/2024/08/13/webkitgtk2.44.3-released.html

- https://webkitgtk.org/security/WSA-2024-0004.html

- https://www.cve.org/CVERecord?id=CVE-2024-27838

- https://www.cve.org/CVERecord?id=CVE-2024-27851

- https://www.cve.org/CVERecord?id=CVE-2024-40776

- https://www.cve.org/CVERecord?id=CVE-2024-40779

- https://www.cve.org/CVERecord?id=CVE-2024-40780

- https://www.cve.org/CVERecord?id=CVE-2024-40782

- https://www.cve.org/CVERecord?id=CVE-2024-40789

- https://www.cve.org/CVERecord?id=CVE-2024-4558

Topics%20covered

Topics Covered

security advisory arbitrary code execution important Mageia process crash webkit2

Resolution

SRPMS

- 9/core/webkit2-2.44.4-1.mga9

Severity
important
Lowest
Low
Medium
High
Critical

Publication date: 14 Nov 2025
URL: https://advisories.mageia.org/MGASA-2025-0291.html
Type: security
CVE: CVE-2024-27838, CVE-2024-27851, CVE-2024-40776, CVE-2024-40779, CVE-2024-40780, CVE-2024-40782, CVE-2024-40789, CVE-2024-4558

Topics%20covered

Topics Covered

security advisory arbitrary code execution important Mageia process crash webkit2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here