Bug 2386270 (CVE-2025-43211)

Summary: CVE-2025-43211 webkitgtk: Processing web content may lead to a denial-of-service
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedKeywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
A flaw was found in WebKitGTK. Processing malicious web content can cause a denial of service due to improper memory handling.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2386398, 2386397, 2386399    
Bug Blocks:    

Description OSIDB Bzimport 2025-08-04 12:46:12 UTC 
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing web content may lead to a denial-of-service.
Comment 1 errata-xmlrpc 2025-08-13 09:35:56 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:13780 https://access.redhat.com/errata/RHSA-2025:13780
Comment 2 errata-xmlrpc 2025-08-13 09:39:31 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:13782 https://access.redhat.com/errata/RHSA-2025:13782
Comment 3 errata-xmlrpc 2025-08-25 08:12:43 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2025:14421 https://access.redhat.com/errata/RHSA-2025:14421
Comment 4 errata-xmlrpc 2025-08-25 08:26:47 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:14422 https://access.redhat.com/errata/RHSA-2025:14422
Comment 5 errata-xmlrpc 2025-08-25 08:28:21 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:14423 https://access.redhat.com/errata/RHSA-2025:14423
Comment 6 errata-xmlrpc 2025-08-25 08:30:00 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2025:14432 https://access.redhat.com/errata/RHSA-2025:14432
Comment 7 errata-xmlrpc 2025-08-25 08:32:09 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.8 Telecommunications Update Service

Via RHSA-2025:14434 https://access.redhat.com/errata/RHSA-2025:14434
Comment 8 errata-xmlrpc 2025-08-25 08:34:33 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2025:14433 https://access.redhat.com/errata/RHSA-2025:14433
Comment 9 errata-xmlrpc 2025-08-25 10:43:35 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On

Via RHSA-2025:14486 https://access.redhat.com/errata/RHSA-2025:14486
Comment 10 errata-xmlrpc 2025-09-15 01:25:06 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extended Lifecycle Support

Via RHSA-2025:15729 https://access.redhat.com/errata/RHSA-2025:15729