Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 488
Alerts This Week
Warning Icon 1 488

openSUSE: Chromium Important Security Fix Advisory 2025:0413-1

opensuse
Calendar Grey October 31, 2025
Scroller Opensuse
This update resolves 19 important vulnerabilities in openSUSE's Chromium, ensuring enhanced security for users.
An update that fixes 19 vulnerabilities is now available.

Description

This update for chromium fixes the following issues:

Security fixes (boo#1252881):

* CVE-2025-12428: Type Confusion in V8

* CVE-2025-12429: Inappropriate implementation in V8

* CVE-2025-12430: Object lifecycle issue in Media

* CVE-2025-12431: Inappropriate implementation in Extensions

* CVE-2025-12432: Race in V8

* CVE-2025-12433: Inappropriate implementation in V8

* CVE-2025-12434: Race in Storage

* CVE-2025-12435: Incorrect security UI in Omnibox

* CVE-2025-12436: Policy bypass in Extensions

* CVE-2025-12437: Use after free in PageInfo

* CVE-2025-12438: Use after free in Ozone

* CVE-2025-12439: Inappropriate implementation in App-Bound Encryption

* CVE-2025-12440: Inappropriate implementation in Autofill

* CVE-2025-12441: Out of bounds read in V8

* CVE-2025-12443: Out of bounds read in WebXR

* CVE-2025-12444: Incorrect security UI in Fullscreen UI

* CVE-2025-12445: Policy bypass in Extensions

* CVE-2025-12446: Incorrect...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2025-413=1

Package List

- openSUSE Backports SLE-15-SP6 (aarch64 ppc64le x86_64):

chromedriver-142.0.7444.59-bp156.2.194.1

chromium-142.0.7444.59-bp156.2.194.1

References

https://www.suse.com/security/cve/CVE-2025-12428.html

https://www.suse.com/security/cve/CVE-2025-12429.html

https://www.suse.com/security/cve/CVE-2025-12430.html

https://www.suse.com/security/cve/CVE-2025-12431.html

https://www.suse.com/security/cve/CVE-2025-12432.html

https://www.suse.com/security/cve/CVE-2025-12433.html

https://www.suse.com/security/cve/CVE-2025-12434.html

https://www.suse.com/security/cve/CVE-2025-12435.html

https://www.suse.com/security/cve/CVE-2025-12436.html

https://www.suse.com/security/cve/CVE-2025-12437.html

https://www.suse.com/security/cve/CVE-2025-12438.html

https://www.suse.com/security/cve/CVE-2025-12439.html

https://www.suse.com/security/cve/CVE-2025-12440.html

https://www.suse.com/security/cve/CVE-2025-12441.html

https://www.suse.com/security/cve/CVE-2025-12443.html

https://www.suse.com/security/cve/CVE-2025-12444.html

https://www.suse.com/security/cve/CVE-2025-12445.html

https://www.suse.com/security/cve/CVE-2025-12446.html

https://www.suse.com/security/cve/CVE-2025-124...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2025:0413-1
Rating: important
Affected Products: openSUSE Backports SLE-15-SP6

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.