Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

openSUSE Leap 15.6: 2025:01746-1 important: webkit2gtk3 patch

suse
Calendar Grey May 29, 2025
Dist Suse Esm H88
This enhancement tackles several vital concerns in gtk3-webkit for openSUSE, improving both robustness and safety.
* bsc#1222905 * bsc#1241158 * bsc#1241160 * bsc#1243282 * bsc#1243286

Summary

## This update for webkit2gtk3 fixes the following issues: Update to version 2.48.2. Security issues fixed: * CVE-2025-31205: lack of checks may lead to cross-origin data exfiltration through a malicious website (bsc#1243282). * CVE-2025-31204: improper memory handling when processing certain web content may lead to memory corruption (bsc#1243286). * CVE-2025-31206: type confusion issue when processing certain web content may lead to an unexpected crash (bsc#1243288). * CVE-2025-31215: lack of checks when processing certain web content may lead to an unexpected crash (bsc#1243289). * CVE-2025-31257: improper memory handling when processing certain web content may lead to an unexpected crash (bsc#1243596). * CVE-2025-24223: improper memory handling when processing certain web content

References

* bsc#1222905

* bsc#1241158

* bsc#1241160

* bsc#1243282

* bsc#1243286

* bsc#1243288

* bsc#1243289

* bsc#1243424

* bsc#1243596

Cross-

* CVE-2023-42875

* CVE-2023-42970

* CVE-2024-23226

* CVE-2025-24223

* CVE-2025-31204

* CVE-2025-31205

* CVE-2025-31206

* CVE-2025-31215

* CVE-2025-31257

CVSS scores:

* CVE-2023-42875 ( SUSE ): 8.6

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

* CVE-2023-42875 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

* CVE-2023-42875 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

* CVE-2023-42970 ( SUSE ): 8.7

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2023-42970 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:01746-1
Release Date: 2025-05-29T12:38:02Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here