Bug 2386268 (CVE-2025-31273)

Summary: CVE-2025-31273 webkitgtk: Processing maliciously crafted web content may lead to memory corruption
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedKeywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
A flaw was found in WebKitGTK. Processing malicious web content can cause memory corruption due to improper memory handling.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2386408, 2386407, 2386409    
Bug Blocks:    

Description OSIDB Bzimport 2025-08-04 12:42:15 UTC 
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may lead to memory corruption.
Comment 1 errata-xmlrpc 2025-08-13 09:35:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:13780 https://access.redhat.com/errata/RHSA-2025:13780
Comment 2 errata-xmlrpc 2025-08-13 09:39:28 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:13782 https://access.redhat.com/errata/RHSA-2025:13782
Comment 3 errata-xmlrpc 2025-08-25 08:12:37 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2025:14421 https://access.redhat.com/errata/RHSA-2025:14421
Comment 4 errata-xmlrpc 2025-08-25 08:26:40 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:14422 https://access.redhat.com/errata/RHSA-2025:14422
Comment 5 errata-xmlrpc 2025-08-25 08:28:15 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:14423 https://access.redhat.com/errata/RHSA-2025:14423
Comment 6 errata-xmlrpc 2025-08-25 08:29:55 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2025:14432 https://access.redhat.com/errata/RHSA-2025:14432
Comment 7 errata-xmlrpc 2025-08-25 08:32:03 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.8 Telecommunications Update Service

Via RHSA-2025:14434 https://access.redhat.com/errata/RHSA-2025:14434
Comment 8 errata-xmlrpc 2025-08-25 08:34:27 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2025:14433 https://access.redhat.com/errata/RHSA-2025:14433
Comment 9 errata-xmlrpc 2025-08-25 10:43:29 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On

Via RHSA-2025:14486 https://access.redhat.com/errata/RHSA-2025:14486
Comment 10 errata-xmlrpc 2025-09-15 01:25:04 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extended Lifecycle Support

Via RHSA-2025:15729 https://access.redhat.com/errata/RHSA-2025:15729