Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2025:1149-1 moderate: webkit2gtk3 security issues

suse
Calendar Grey April 7, 2025
Dist Suse Esm H88
Crucial security patch for webkit2gtk3 resolves various vulnerabilities. Upgrade your SUSE installations immediately for enhanced safety.
* bsc#1239863 * bsc#1239864 * bsc#1239950 Cross-References:

Summary

## This update for webkit2gtk3 fixes the following issues: * CVE-2024-44192: Fixed unexpected process crash due to processing maliciously crafted web content (bsc#1239863) * CVE-2024-54467: Fixed information disclosure via data cross-origin exfiltration due to a cookie management issue (bsc#1239864) Other fixes: * Update to version 2.48.0: * Move tiles rendering to worker threads when rendering with the GPU. * Fix preserve-3D intersection rendering. * Added new function for creating Promise objects to JavaScripotCore GLib API. * The MediaRecorder backend gained WebM support (requires at least GStreamer 1.24.9) and audio bitrate configuration support. * Fix invalid DPI-aware font size conversion. * Bring back support for OpenType-SVG fonts using Skia SVG module.

Topics%20covered

Topics Covered

security advisory moderate information disclosure SUSE webkit2gtk3 process crash

References

* bsc#1239863

* bsc#1239864

* bsc#1239950

Cross-

* CVE-2024-44192

* CVE-2024-54467

* CVE-2025-24201

CVSS scores:

* CVE-2024-44192 ( SUSE ): 7.1

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2024-44192 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

* CVE-2024-44192 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

* CVE-2024-44192 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

* CVE-2024-54467 ( SUSE ): 7.1

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

* CVE-2024-54467 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

* CVE-2024-54467 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

* CVE-2024-54467 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Announcement ID: SUSE-SU-2025:1149-1
Release Date: 2025-04-07T07:12:51Z
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate information disclosure SUSE webkit2gtk3 process crash

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here