Bug 2397767 - CVE-2025-10890, CVE-2025-10891, CVE-2025-10892 - chromium: Side-channel information leakage and Ingter overflow in V8 [fedora-all]
Summary: CVE-2025-10890, CVE-2025-10891, CVE-2025-10892 - chromium: Side-channel info...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: chromium
Version: 42
Hardware: Unspecified
OS: Linux
unspecified
high
Target Milestone: ---
Assignee: Than Ngo
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-09-24 09:28 UTC by Than Ngo
Modified: 2025-09-29 01:05 UTC (History)
5 users (show)

Fixed In Version: chromium-140.0.7339.207-1.fc43 chromium-140.0.7339.207-1.fc42 chromium-140.0.7339.207-1.fc41
Clone Of:
Environment:
Last Closed: 2025-09-27 00:16:11 UTC
Type: ---
Embargoed:
than: mirror+

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker FC-2385 0 None None None 2025-09-26 07:01:24 UTC

Description Than Ngo 2025-09-24 09:28:39 UTC 
Following security issues affected chromium in Fedora:
  * CVE-2025-10890: Side-channel information leakage in V8
  * CVE-2025-10891: Integer overflow in V8
  * CVE-2025-10892: Integer overflow in V8


Reproducible: Always
Comment 1 Fedora Update System 2025-09-26 07:01:11 UTC 
FEDORA-2025-0b264b890c (chromium-140.0.7339.207-1.fc41) has been submitted as an update to Fedora 41.
https://bodhi.fedoraproject.org/updates/FEDORA-2025-0b264b890c
Comment 2 Fedora Update System 2025-09-26 07:01:11 UTC 
FEDORA-2025-6d1ba4a93e (chromium-140.0.7339.207-1.fc42) has been submitted as an update to Fedora 42.
https://bodhi.fedoraproject.org/updates/FEDORA-2025-6d1ba4a93e
Comment 3 Fedora Update System 2025-09-27 00:16:11 UTC 
FEDORA-2025-c161defb4d (chromium-140.0.7339.207-1.fc43) has been pushed to the Fedora 43 stable repository.
If problem still persists, please make note of it in this bug report.
Comment 4 Fedora Update System 2025-09-27 01:11:53 UTC 
FEDORA-2025-6d1ba4a93e (chromium-140.0.7339.207-1.fc42) has been pushed to the Fedora 42 stable repository.
If problem still persists, please make note of it in this bug report.
Comment 5 Fedora Update System 2025-09-27 01:52:54 UTC 
FEDORA-2025-0b264b890c has been pushed to the Fedora 41 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-0b264b890c`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-0b264b890c

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 6 Fedora Update System 2025-09-29 01:05:11 UTC 
FEDORA-2025-0b264b890c (chromium-140.0.7339.207-1.fc41) has been pushed to the Fedora 41 stable repository.
If problem still persists, please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.