Bug 2344623 (CVE-2025-24158)

Summary: CVE-2025-24158 webkitgtk: Processing web content may lead to a denial-of-service
Product: [Other] Security Response
Reporter: OSIDB Bzimport <bzimport>
Component: vulnerability
Assignee: Product Security DevOps Team <prodsec-dev>
Status: NEW ---
QA Contact:
Severity: medium
Docs Contact:
Priority: medium
Version: unspecified
Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in WebKitGTK. Processing malicious web content can cause a denial of service due to improper memory handling.
Bug Depends On: 2344968, 2344969    
Bug Blocks:    

Description OSIDB Bzimport 2025-02-10 09:43:26 UTC
The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing web content may lead to a denial-of-service.

Comment 1 errata-xmlrpc 2025-03-03 12:31:12 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:2035 https://access.redhat.com/errata/RHSA-2025:2035

Comment 2 errata-xmlrpc 2025-03-03 12:34:23 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:2034 https://access.redhat.com/errata/RHSA-2025:2034

Comment 4 errata-xmlrpc 2025-07-07 02:30:30 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extended Lifecycle Support

Via RHSA-2025:10364 https://access.redhat.com/errata/RHSA-2025:10364