Bug 2380254 (CVE-2025-6558) - CVE-2025-6558 angle: insufficient input validation can cause undefined behavior
Summary: CVE-2025-6558 angle: insufficient input validation can cause undefined behavior
Keywords:
Status: NEW
Alias: CVE-2025-6558
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2386418 2386419 2380354 2380357 2386420
Blocks:
 
Reported: 2025-07-15 19:01 UTC by OSIDB Bzimport
Modified: 2025-09-15 01:25 UTC

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:




Links
System | ID | Private | Priority | Status | Summary | Last Updated
Red Hat Product Errata | RHSA-2025:13780 | 0 | None | None | None | 2025-08-13 09:35:54 UTC
Red Hat Product Errata | RHSA-2025:13782 | 0 | None | None | None | 2025-08-13 09:39:25 UTC
Red Hat Product Errata | RHSA-2025:14421 | 0 | None | None | None | 2025-08-25 08:12:31 UTC
Red Hat Product Errata | RHSA-2025:14422 | 0 | None | None | None | 2025-08-25 08:26:34 UTC
Red Hat Product Errata | RHSA-2025:14423 | 0 | None | None | None | 2025-08-25 08:28:09 UTC
Red Hat Product Errata | RHSA-2025:14432 | 0 | None | None | None | 2025-08-25 08:29:48 UTC
Red Hat Product Errata | RHSA-2025:14433 | 0 | None | None | None | 2025-08-25 08:34:21 UTC
Red Hat Product Errata | RHSA-2025:14434 | 0 | None | None | None | 2025-08-25 08:31:57 UTC
Red Hat Product Errata | RHSA-2025:14486 | 0 | None | None | None | 2025-08-25 10:43:23 UTC
Red Hat Product Errata | RHSA-2025:15729 | 0 | None | None | None | 2025-09-15 01:25:04 UTC

Description OSIDB Bzimport 2025-07-15 19:01:41 UTC
Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Comment 1 errata-xmlrpc 2025-08-13 09:35:52 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:13780 https://access.redhat.com/errata/RHSA-2025:13780

Comment 2 errata-xmlrpc 2025-08-13 09:39:24 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:13782 https://access.redhat.com/errata/RHSA-2025:13782

Comment 3 Skyler 2025-08-20 04:42:01 UTC
I ran into this bug while working on my https://pipsnyt.com webgame. It seems to trigger undefined behavior during rendering, which causes random crashes and visual glitches. Disabling certain shaders reduces the frequency, but the issue still persists. Happy to provide logs or a repro case if helpful.

Comment 5 errata-xmlrpc 2025-08-25 08:12:30 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2025:14421 https://access.redhat.com/errata/RHSA-2025:14421

Comment 6 errata-xmlrpc 2025-08-25 08:26:33 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:14422 https://access.redhat.com/errata/RHSA-2025:14422

Comment 7 errata-xmlrpc 2025-08-25 08:28:08 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:14423 https://access.redhat.com/errata/RHSA-2025:14423

Comment 8 errata-xmlrpc 2025-08-25 08:29:46 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2025:14432 https://access.redhat.com/errata/RHSA-2025:14432

Comment 9 errata-xmlrpc 2025-08-25 08:31:55 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.8 Telecommunications Update Service

Via RHSA-2025:14434 https://access.redhat.com/errata/RHSA-2025:14434

Comment 10 errata-xmlrpc 2025-08-25 08:34:19 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2025:14433 https://access.redhat.com/errata/RHSA-2025:14433

Comment 11 errata-xmlrpc 2025-08-25 10:43:21 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On

Via RHSA-2025:14486 https://access.redhat.com/errata/RHSA-2025:14486

Comment 13 errata-xmlrpc 2025-09-15 01:25:02 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extended Lifecycle Support

Via RHSA-2025:15729 https://access.redhat.com/errata/RHSA-2025:15729

