ALSA-2025:23663

Details

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

Security Fix(es):

webkitgtk: webkitgtk: Use-after-free due to improper memory management (CVE-2025-43529)
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43501)
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43531)
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43535)
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43536)
webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43541)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Packages

AlmaLinux:8webkit2gtk3

Fixed in:

2.50.4-1.el8_10

AlmaLinux:8webkit2gtk3-devel

Fixed in:

2.50.4-1.el8_10

AlmaLinux:8webkit2gtk3-jsc

Fixed in:

2.50.4-1.el8_10

AlmaLinux:8webkit2gtk3-jsc-devel

Fixed in:

2.50.4-1.el8_10

References

ADVISORYhttps://access.redhat.com/errata/RHSA-2025:23663 ADVISORYhttps://bugzilla.redhat.com/2423166 ADVISORYhttps://bugzilla.redhat.com/2423185 ADVISORYhttps://bugzilla.redhat.com/2423187 ADVISORYhttps://bugzilla.redhat.com/2423188 ADVISORYhttps://bugzilla.redhat.com/2423190 ADVISORYhttps://bugzilla.redhat.com/2423191 ADVISORYhttps://errata.almalinux.org/8/ALSA-2025-23663.html

ALSA-2025:23663

Details

Affected Packages

References

Related

Ecosystems

Timeline