Description
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling.
Problem types
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Product status
Any version before 2.50.3
0:2.50.3-2.el7_9 (rpm) before *
0:2.50.3-1.el8_10 (rpm) before *
0:2.50.3-2.el8_2 (rpm) before *
0:2.50.3-2.el8_4 (rpm) before *
0:2.50.3-2.el8_4 (rpm) before *
0:2.50.3-2.el8_6 (rpm) before *
0:2.50.3-2.el8_6 (rpm) before *
0:2.50.3-2.el8_6 (rpm) before *
0:2.50.3-2.el8_8 (rpm) before *
0:2.50.3-2.el8_8 (rpm) before *
0:2.50.3-1.el9_7 (rpm) before *
0:2.50.3-1.el9_0 (rpm) before *
0:2.50.3-1.el9_2 (rpm) before *
0:2.50.3-1.el9_4 (rpm) before *
0:2.50.3-1.el9_6 (rpm) before *
Timeline
2025-12-04: Reported to Red Hat.
2025-12-04: Made public.
References
access.redhat.com/errata/RHSA-2025:22789 (RHSA-2025:22789)
access.redhat.com/errata/RHSA-2025:22790 (RHSA-2025:22790)
access.redhat.com/errata/RHSA-2025:23110 (RHSA-2025:23110)
access.redhat.com/errata/RHSA-2025:23433 (RHSA-2025:23433)
access.redhat.com/errata/RHSA-2025:23434 (RHSA-2025:23434)
access.redhat.com/errata/RHSA-2025:23451 (RHSA-2025:23451)
access.redhat.com/errata/RHSA-2025:23452 (RHSA-2025:23452)
access.redhat.com/errata/RHSA-2025:23583 (RHSA-2025:23583)
access.redhat.com/errata/RHSA-2025:23591 (RHSA-2025:23591)
access.redhat.com/errata/RHSA-2025:23742 (RHSA-2025:23742)
access.redhat.com/errata/RHSA-2025:23743 (RHSA-2025:23743)
access.redhat.com/security/cve/CVE-2025-66287
bugzilla.redhat.com/show_bug.cgi?id=2418857 (RHBZ#2418857)
webkitgtk.org/security/WSA-2025-0009.html