ALSA-2025:3974

[ALSA-2025:3974] Important: webkit2gtk3 security update

Type:

security

Severity:

important

Release date:

2025-04-21

Description:

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.  

Security Fix(es):  

  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-44192)
  * webkitgtk: A malicious website may exfiltrate data cross-origin (CVE-2024-54467)
  * webkitgtk: Processing web content may lead to a denial-of-service (CVE-2024-54551)
  * webkitgtk: Loading a malicious iframe may lead to a cross-site scripting attack (CVE-2025-24208)
  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-24209)
  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-24216)
  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-30427)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	webkit2gtk3-jsc-2.48.1-1.el8_10.aarch64.rpm	27aab8827174831bbd16b8a4f828f49e4833b9713663d506997b2da6a592a828
aarch64	webkit2gtk3-jsc-devel-2.48.1-1.el8_10.aarch64.rpm	7dcb869ce3502be26c4da9527326bcc4502fb2004cc7304bd495eee7e750edf8
aarch64	webkit2gtk3-2.48.1-1.el8_10.aarch64.rpm	b24f9adf14cd8a36faf1dacf17e3e7ce819f975fad0d1409f6a979b4b4d7dd8a
aarch64	webkit2gtk3-devel-2.48.1-1.el8_10.aarch64.rpm	e23a05910eb454b3ca05b2cd5a8696ca998cf48255cb42c80efc072456a2e118
i686	webkit2gtk3-jsc-devel-2.48.1-1.el8_10.i686.rpm	5e219fb053dc357ccaf2511abe6567dde9f359fd003e6435358a39b9e863c091
i686	webkit2gtk3-jsc-2.48.1-1.el8_10.i686.rpm	9623b42f67bee35c91ff4586182b658e3a49b997bdeffb16dbb0fc2b0c0d4700
i686	webkit2gtk3-2.48.1-1.el8_10.i686.rpm	9707414d288784dc19a744b8d5d85f876ac5dffe0b7e77d87920025785fa927a
i686	webkit2gtk3-devel-2.48.1-1.el8_10.i686.rpm	cfc3e573b8e88d1d268b00c9084b21b90e55b3e75ca7a8b4c5276b09b2c7cebf
ppc64le	webkit2gtk3-jsc-2.48.1-1.el8_10.ppc64le.rpm	29a62aae5569947cad1d7f2916fccd7ae88fd085b15061256901c4a4dc675cf3
ppc64le	webkit2gtk3-jsc-devel-2.48.1-1.el8_10.ppc64le.rpm	48e6306d6d36f4a0a445dc6c5e666967740314eef653c3df611454d649d8807f
ppc64le	webkit2gtk3-devel-2.48.1-1.el8_10.ppc64le.rpm	fa072b87dfe8dfefcef8157e85af55f2722f366ad733fee767768a8824e3278c
ppc64le	webkit2gtk3-2.48.1-1.el8_10.ppc64le.rpm	fcdc9f9c9197773885bdb310affe35ab3681caf48e3e5fe03c757bd1d99c3550
s390x	webkit2gtk3-devel-2.48.1-1.el8_10.s390x.rpm	33ec3ddfd2410b8729fa94522edfdc9d3c6364e04026e1483b13840af196505f
s390x	webkit2gtk3-jsc-devel-2.48.1-1.el8_10.s390x.rpm	4fa427e3dd4306bff609ac88eb4c80f86ef8295905fee400d3ee6b35d704fa46
s390x	webkit2gtk3-jsc-2.48.1-1.el8_10.s390x.rpm	9f2634c21f30bf96f849ca1f739ea213ee416482ae42b537578f532bbc59373d
s390x	webkit2gtk3-2.48.1-1.el8_10.s390x.rpm	c8b54420c87daec5a37d210559972bc3a4486b38fe89492cd88185176a8159b4
x86_64	webkit2gtk3-jsc-devel-2.48.1-1.el8_10.x86_64.rpm	15d84eef4e93402751ccc348ee97e6cd0ead223e7ca396669e815b26ea002a88
x86_64	webkit2gtk3-devel-2.48.1-1.el8_10.x86_64.rpm	660495b99fcde458be765205a8563042def031abd99cac512d6437878c999137
x86_64	webkit2gtk3-jsc-2.48.1-1.el8_10.x86_64.rpm	9f301cce5a0b66b32e2cbc280674a9200e3d89cb064a3e5b286e11efc7b8144a
x86_64	webkit2gtk3-2.48.1-1.el8_10.x86_64.rpm	a0048878e3a9999d1b6d304a8cd09fe23927c1cba7da376e1605fee6742475ce

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.