Update to 138.0.7204.183 * CVE-2025-8292: Use after free in Media Stream.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-28d7ca87c5
2025-08-07 01:11:45.458442+00:00
--------------------------------------------------------------------------------

Name        : chromium
Product     : Fedora 41
Version     : 138.0.7204.183
Release     : 1.fc41
URL         : http://www.chromium.org/Home
Summary     : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :

Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to 138.0.7204.183
  * CVE-2025-8292: Use after free in Media Stream
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jul 30 2025 Than Ngo - 138.0.7204.183-1
- Update to 138.0.7204.183
  * CVE-2025-8292: Use after free in Media Stream
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2384413 - CVE-2025-8292 chromium: Chrome Media Stream Use-After-Free [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2384413
  [ 2 ] Bug #2384414 - CVE-2025-8292 chromium: Chrome Media Stream Use-After-Free [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2384414
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-28d7ca87c5' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list

An update that fixes one vulnerability is now available.

openSUSE Security Update: Security update for chromium
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2025:0284-1
Rating:             important
References:         #1247365
Cross-References:   CVE-2025-8292
Affected Products:
                    openSUSE Backports SLE-15-SP6
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for chromium fixes the following issues:

Chromium 138.0.7204.183 (boo#1247365):

- CVE-2025-8292: Use after free in Media Stream

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

  zypper in -t patch openSUSE-2025-284=1

Package List:

- openSUSE Backports SLE-15-SP6 (aarch64 ppc64le x86_64):

  chromedriver-138.0.7204.183-bp156.2.147.1
  chromium-138.0.7204.183-bp156.2.147.1

References:

https://www.suse.com/security/cve/CVE-2025-8292.html
https://bugzilla.suse.com/1247365

An update for openSUSE addresses a critical chromium vulnerability, CVE-2025-8292, which pertains to issues with media stream security.

important update openSUSE chromium security issue.

Severity: Important.

LinuxSecurity.com Team

Update to 138.0.7204.183 * CVE-2025-8292: Use after free in Media Stream.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-2d776e48e1
2025-08-03 01:14:05.386515+00:00
--------------------------------------------------------------------------------

Name        : chromium
Product     : Fedora 42
Version     : 138.0.7204.183
Release     : 1.fc42
URL         : http://www.chromium.org/Home
Summary     : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :

Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to 138.0.7204.183
  * CVE-2025-8292: Use after free in Media Stream
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jul 30 2025 Than Ngo - 138.0.7204.183-1
- Update to 138.0.7204.183
  * CVE-2025-8292: Use after free in Media Stream
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2384413 - CVE-2025-8292 chromium: Chrome Media Stream Use-After-Free [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2384413
  [ 2 ] Bug #2384414 - CVE-2025-8292 chromium: Chrome Media Stream Use-After-Free [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2384414
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-2d776e48e1' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list

An update that fixes one vulnerability is now available.

openSUSE Security Update: Security update for chromium
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2025:0277-1
Rating:             important
References:         #1247365
Cross-References:   CVE-2025-8292
Affected Products:
                    openSUSE Backports SLE-15-SP7
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for chromium fixes the following issues:

Chromium 138.0.7204.183 (boo#1247365):

- CVE-2025-8292: Use after free in Media Stream

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

  zypper in -t patch openSUSE-2025-277=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 x86_64):

  chromedriver-138.0.7204.183-bp157.2.28.1
  chromium-138.0.7204.183-bp157.2.28.1

References:

https://www.suse.com/security/cve/CVE-2025-8292.html
https://bugzilla.suse.com/1247365

Urgent notification regarding Chromium in openSUSE, fixing a Media Stream flaw, CVE-2025-8292. Apply the suggested patch immediately.

openSUSE, update, chromium, vulnerability, security patch.

Severity: Important.

LinuxSecurity.com Team

Update to 134.0.6998.35 * CVE-2025-1914: Out of bounds read in V8 * CVE-2025-1915: Improper Limitation of a Pathname to a Restricted Directory in DevTools * CVE-2025-1916: Use after free in Profiles.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-762804f16e
2025-03-08 01:35:17.955242+00:00
--------------------------------------------------------------------------------

Name        : chromium
Product     : Fedora 40
Version     : 134.0.6998.35
Release     : 1.fc40
URL         : http://www.chromium.org/Home
Summary     : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :

Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to 134.0.6998.35
  * CVE-2025-1914: Out of bounds read in V8
  * CVE-2025-1915: Improper Limitation of a Pathname to a Restricted Directory in DevTools
  * CVE-2025-1916: Use after free in Profiles
  * CVE-2025-1917: Inappropriate Implementation in Browser UI
  * CVE-2025-1918: Out of bounds read in PDFium
  * CVE-2025-1919: Out of bounds read in Media
  * CVE-2025-1921: Inappropriate Implementation in Media Stream
  * CVE-2025-1922: Inappropriate Implementation in Selection
  * CVE-2025-1923: Inappropriate Implementation in Permission Prompts
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 5 2025 Than Ngo - 134.0.6998.35-1
- Update to 134.0.6998.35
  * CVE-2025-1914: Out of bounds read in V8
  * CVE-2025-1915: Improper Limitation of a Pathname to a Restricted Directory in DevTools
  * CVE-2025-1916: Use after free in Profiles
  * CVE-2025-1917: Inappropriate Implementation in Browser UI
  * CVE-2025-1918: Out of bounds read in PDFium
  * CVE-2025-1919: Out of bounds read in Media
  * CVE-2025-1921: Inappropriate Implementation in Media Stream
  * CVE-2025-1922: Inappropriate Implementation in Selection
  * CVE-2025-1923: Inappropriate Implementation in Permission Prompts
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2349973 - CVE-2025-1914 chromium: From CVEorg collector [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2349973
  [ 2 ] Bug #2349974 - CVE-2025-1914 chromium: From CVEorg collector [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2349974
  [ 3 ] Bug #2350032 - CVE-2025-1921 chromium: Inappropriate implementation in Media Stream [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2350032
  [ 4 ] Bug #2350033 - CVE-2025-1921 chromium: Inappropriate implementation in Media Stream [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2350033
  [ 5 ] Bug #2350034 - CVE-2025-1918 chromium: Out of bounds read in PDFium [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2350034
  [ 6 ] Bug #2350035 - CVE-2025-1918 chromium: Out of bounds read in PDFium [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2350035
  [ 7 ] Bug #2350036 - CVE-2025-1923 chromium: Inappropriate implementation in Permission Prompts [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2350036
  [ 8 ] Bug #2350037 - CVE-2025-1916 chromium: Use after free in Profiles [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2350037
  [ 9 ] Bug #2350038 - CVE-2025-1923 chromium: Inappropriate implementation in Permission Prompts [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2350038
  [ 10 ] Bug #2350039 - CVE-2025-1916 chromium: Use after free in Profiles [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2350039
  [ 11 ] Bug #2350040 - CVE-2025-1915 chromium: Improper Limitation of a Pathname [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2350040
  [ 12 ] Bug #2350041 - CVE-2025-1919 chromium: Out of bounds read in Media [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2350041
  [ 13 ] Bug #2350042 - CVE-2025-1915 chromium: Improper Limitation of a Pathname [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2350042
  [ 14 ] Bug #2350043 - CVE-2025-1919 chromium: Out of bounds read in Media [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2350043
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-762804f16e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list

Inappropriate implementation in V8. (CVE-2024-6772) Type Confusion in V8. (CVE-2024-6773) Use after free in Screen Capture. (CVE-2024-6774) Use after free in Media Stream. (CVE-2024-6775) Use after free in Audio. (CVE-2024-6776)

MGASA-2024-0273 - Updated chromium-browser-stable packages fix security vulnerabilities

Publication date: 20 Jul 2024
URL: https://advisories.mageia.org/MGASA-2024-0273.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-6772, CVE-2024-6773, CVE-2024-6774, CVE-2024-6775, CVE-2024-6776, CVE-2024-6777, CVE-2024-6778, CVE-2024-6779

Inappropriate implementation in V8. (CVE-2024-6772)
Type Confusion in V8. (CVE-2024-6773)
Use after free in Screen Capture. (CVE-2024-6774)
Use after free in Media Stream. (CVE-2024-6775)
Use after free in Audio. (CVE-2024-6776)
Use after free in Navigation. (CVE-2024-6777)
Race in DevTools. (CVE-2024-6778)
Out of bounds memory access in V8. (CVE-2024-6779)

References:
- https://bugs.mageia.org/show_bug.cgi?id=33407
- https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html
- https://www.cve.org/CVERecord?id=CVE-2024-6772
- https://www.cve.org/CVERecord?id=CVE-2024-6773
- https://www.cve.org/CVERecord?id=CVE-2024-6774
- https://www.cve.org/CVERecord?id=CVE-2024-6775
- https://www.cve.org/CVERecord?id=CVE-2024-6776
- https://www.cve.org/CVERecord?id=CVE-2024-6777
- https://www.cve.org/CVERecord?id=CVE-2024-6778
- https://www.cve.org/CVERecord?id=CVE-2024-6779

SRPMS:
- 9/tainted/chromium-browser-stable-126.0.6478.182-1.mga9.tainted

Updated chromium-browser-stable packages address multiple vulnerabilities with essential fixes for Mageia users.

mageia security advisory, chromium update, type confusion fix, media stream vulnerability.

LinuxSecurity.com Team

It was discovered that Gabble did not verify the from field of google jingleinfo updates. This could allow a remote attacker to perform man in the middle attacks (MITM) on streamed media.

==========================================================
Ubuntu Security Notice USN-1067-1          February 17, 2011
telepathy-gabble vulnerability
https://bugs.launchpad.net/ubuntu/+source/telepathy-gabble/+bug/720201
==========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 9.10
Ubuntu 10.04 LTS
Ubuntu 10.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.10:
  telepathy-gabble                0.8.7-1ubuntu1.1

Ubuntu 10.04 LTS:
  telepathy-gabble                0.8.12-0ubuntu1.1

Ubuntu 10.10:
  telepathy-gabble                0.10.0-1ubuntu0.1

After a standard system update you need to restart your session to make
all the necessary changes.

Details follow:

It was discovered that Gabble did not verify the from field of google
jingleinfo updates. This could allow a remote attacker to perform man in
the middle attacks (MITM) on streamed media.

Mindwave Echo flaw enables interception of streaming content. Ensure your Ubuntu systems are patched for protection.

Telepathy Gabble, Ubuntu Security, MITM Attack, Update Guidance.

Severity: Important.

LinuxSecurity.com Team