Bug 2357919 (CVE-2025-30427) - CVE-2025-30427 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
Summary: CVE-2025-30427 webkitgtk: Processing maliciously crafted web content may lead...
Keywords:
Status: NEW
Alias: CVE-2025-30427
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2358001 2358002
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-04-07 14:33 UTC by OSIDB Bzimport
Modified: 2025-05-21 08:35 UTC (History)
1 user (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2025:3840 0 None None None 2025-04-14 12:23:15 UTC
Red Hat Product Errata RHSA-2025:3713 0 None None None 2025-04-08 20:51:06 UTC
Red Hat Product Errata RHSA-2025:3755 0 None None None 2025-04-09 13:07:27 UTC
Red Hat Product Errata RHSA-2025:3756 0 None None None 2025-04-09 13:11:18 UTC
Red Hat Product Errata RHSA-2025:3974 0 None None None 2025-04-17 06:44:53 UTC
Red Hat Product Errata RHSA-2025:4445 0 None None None 2025-05-05 01:40:42 UTC
Red Hat Product Errata RHSA-2025:7387 0 None None None 2025-05-13 11:50:29 UTC
Red Hat Product Errata RHSA-2025:7998 0 None None None 2025-05-19 16:25:34 UTC
Red Hat Product Errata RHSA-2025:8064 0 None None None 2025-05-21 08:32:51 UTC
Red Hat Product Errata RHSA-2025:8065 0 None None None 2025-05-21 08:27:18 UTC
Red Hat Product Errata RHSA-2025:8066 0 None None None 2025-05-21 08:35:41 UTC

Description OSIDB Bzimport 2025-04-07 14:33:42 UTC 
A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.
Comment 1 errata-xmlrpc 2025-04-08 20:51:05 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:3713 https://access.redhat.com/errata/RHSA-2025:3713
Comment 2 errata-xmlrpc 2025-04-09 13:07:26 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:3755 https://access.redhat.com/errata/RHSA-2025:3755
Comment 3 errata-xmlrpc 2025-04-09 13:11:17 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2025:3756 https://access.redhat.com/errata/RHSA-2025:3756
Comment 4 errata-xmlrpc 2025-04-17 06:44:52 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:3974 https://access.redhat.com/errata/RHSA-2025:3974
Comment 5 Anna Joy 2025-04-25 16:18:28 UTC 
CVE-2025-30427 is a use-after-free vulnerability in WebKitGTK and WPE WebKit that can cause Safari to crash when processing maliciously crafted web content. The issue has been addressed through improved memory management, and Red Hat has released a patch under https://bugzilla.redhat.com/show_bug.cgi?id=2357919 https://crazy-cattle3d.com.
Comment 6 errata-xmlrpc 2025-05-05 01:40:40 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2025:4445 https://access.redhat.com/errata/RHSA-2025:4445
Comment 7 errata-xmlrpc 2025-05-13 11:50:28 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:7387 https://access.redhat.com/errata/RHSA-2025:7387
Comment 8 errata-xmlrpc 2025-05-19 16:25:32 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Dev Spaces 3 Containers

Via RHSA-2025:7998 https://access.redhat.com/errata/RHSA-2025:7998
Comment 9 errata-xmlrpc 2025-05-21 08:27:17 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:8065 https://access.redhat.com/errata/RHSA-2025:8065
Comment 10 errata-xmlrpc 2025-05-21 08:32:50 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2025:8064 https://access.redhat.com/errata/RHSA-2025:8064
Comment 11 errata-xmlrpc 2025-05-21 08:35:40 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2025:8066 https://access.redhat.com/errata/RHSA-2025:8066
Note You need to log in before you can comment on or make changes to this bug.