Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE 2025:0096-1 important: webkit2gtk3 process crash and memory issues

suse
Calendar Grey January 14, 2025
Dist Suse Esm H88
SUSE Security Update for webkit2gtk3 releases essential patches addressing vulnerabilities that lead to system crashes and memory leaks.
* bsc#1234851 Cross-References: * CVE-2024-40866 * CVE-2024-44185

Summary

## This update for webkit2gtk3 fixes the following issues: Update to version 2.46.5 (bsc#1234851): Security fixes: * CVE-2024-54479: Processing maliciously crafted web content may lead to an unexpected process crash * CVE-2024-54502: Processing maliciously crafted web content may lead to an unexpected process crash * CVE-2024-54505: Processing maliciously crafted web content may lead to memory corruption * CVE-2024-54508: Processing maliciously crafted web content may lead to an unexpected process crash * CVE-2024-54534: Processing maliciously crafted web content may lead to memory corruption Other fixes: * Fix the build with GBM and release logs disabled. * Fix several crashes and rendering issues. * Improve memory consumption and performance of Canvas getImageData.

Topics%20covered

Topics Covered

security advisory software update memory corruption important SUSE webkit2gtk3 process crash

References

* bsc#1234851

Cross-

* CVE-2024-40866

* CVE-2024-44185

* CVE-2024-44187

* CVE-2024-44308

* CVE-2024-44309

* CVE-2024-54479

* CVE-2024-54502

* CVE-2024-54505

* CVE-2024-54508

* CVE-2024-54534

CVSS scores:

* CVE-2024-40866 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

* CVE-2024-40866 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

* CVE-2024-44185 ( SUSE ): 5.9

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2024-44185 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

* CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

* CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

* CVE-2024-44187 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:0096-1
Release Date: 2025-01-14T14:13:16Z
Rating: important

Topics%20covered

Topics Covered

security advisory software update memory corruption important SUSE webkit2gtk3 process crash

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here