webkit2gtk3-2.48.5-1.el9_6
エラータID: AXSA:2025-10744:14
リリース日:
2025/08/15 Friday - 07:08
題名:
webkit2gtk3-2.48.5-1.el9_6
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- WebKitGTK には、メモリ処理が不適切な問題があるため、リモートの
攻撃者により、メモリ破壊を可能とする脆弱性が存在します。
(CVE-2025-31273)
- WebKitGTK には、メモリ処理が不適切な問題があるため、リモートの
攻撃者により、メモリ破壊を可能とする脆弱性が存在します。
(CVE-2025-31278)
- WebKitGTK には、メモリ処理が不適切な問題があるため、リモートの
攻撃者により、サービス拒否攻撃を可能とする脆弱性が存在します。
(CVE-2025-43211)
- WebKitGTK には、メモリ処理が不適切な問題があるため、リモートの
攻撃者により、予期せぬプロセスクラッシュの発生を可能とする脆弱性
が存在します。(CVE-2025-43212)
- WebKitGTK には、メモリ領域の解放後利用の問題があるため、リモート
の攻撃者により、予期せぬプロセスクラッシュの発生を可能とする脆弱性
が存在します。(CVE-2025-43216)
- WebKitGTK には、リモートの攻撃者により、ユーザの機密情報の漏洩
を可能とする脆弱性が存在します。(CVE-2025-43227)
- WebKitGTK には、リモートの攻撃者により、ファイルダウンロード元
の情報の改ざんを可能とする脆弱性が存在します。(CVE-2025-43240)
- WebKitGTK には、メモリ領域の範囲外読み取りの問題があるため、
リモートの攻撃者により、情報の漏洩を可能とする脆弱性が存在します。
(CVE-2025-43265)
- WebKitGTK には、入力データのチェック処理に不備があるため、
リモートの攻撃者により、情報の漏洩、データ破壊、およびサービス
拒否攻撃を可能とする脆弱性が存在します。(CVE-2025-6558)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2025-31273
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2025-31278
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2025-43211
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2025-43212
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2025-43216
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2025-43227
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2025-43240
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2025-43265
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2025-6558
Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
追加情報:
N/A
ダウンロード:
SRPMS
- webkit2gtk3-2.48.5-1.el9_6.src.rpm
MD5: 72555eca57050be88b892f3bf76dc5c5
SHA-256: e553a9e2bd4b6e9606850b882f41f0d57fd02a10ad28214e98405cf4c6a510bc
Size: 42.14 MB
Asianux Server 9 for x86_64
- webkit2gtk3-2.48.5-1.el9_6.i686.rpm
MD5: e562a2603be89449f2b5495df057f77f
SHA-256: 47f7126b9d75a6ad930eedf2d6343b9d38b34deb8501f286ac901931876f4de5
Size: 32.35 MB - webkit2gtk3-2.48.5-1.el9_6.x86_64.rpm
MD5: f5bd3659483e34dd57035b239132107e
SHA-256: fbd75b5b5d235beefa81452e0507bae823e7db96c54eb2f6d17caf775802f679
Size: 26.78 MB - webkit2gtk3-devel-2.48.5-1.el9_6.i686.rpm
MD5: f8e0396c6f8f4a610df24867ccb374b3
SHA-256: e259bc6ebbe934f7aa06e8eb141a827ee301e7db8ee3f242198a0c193fe58e38
Size: 377.76 kB - webkit2gtk3-devel-2.48.5-1.el9_6.x86_64.rpm
MD5: 4af1d5e802b9b2600e97d1a442d03e32
SHA-256: 4fd66420cb8d37eb8391dcf1a27130a9e4ec52d6670f600ea08a0aafc051d8af
Size: 370.74 kB - webkit2gtk3-jsc-2.48.5-1.el9_6.i686.rpm
MD5: 8c2308d5d41dcb62930b69182f352b3b
SHA-256: 62c094837a4bc68fd76795db92c642f12f611b0fd7ec55a7ac1e1602a6b5e9ca
Size: 4.48 MB - webkit2gtk3-jsc-2.48.5-1.el9_6.x86_64.rpm
MD5: ec1d13329d69ed554abf6c09f87c8f04
SHA-256: 435da62fcb11b02d4e3bc096a2cebaade6ca1d552d711ae63dfe4b216c7a6032
Size: 8.54 MB - webkit2gtk3-jsc-devel-2.48.5-1.el9_6.i686.rpm
MD5: b2956b43951eee8aa024bc319e2534a7
SHA-256: 1a5f50f42c2d721bf2fbf3f945848f5d01b7b9cbed9bde07d84ee9a32e00f97f
Size: 187.94 kB - webkit2gtk3-jsc-devel-2.48.5-1.el9_6.x86_64.rpm
MD5: 2742fad07508a165d4a0ae09a2c0a9ae
SHA-256: 740fde212ba6b46ccb5ddb91df8d10a3412bc54d6fa4b2aed21439b68c050270
Size: 178.30 kB
English