Bug 2402457 - CVE-2025-11458, CVE-2025-11460, CVE-2025-11211 - chromium security issues [fedora-all]
Summary: CVE-2025-11458, CVE-2025-11460, CVE-2025-11211 - chromium security issues [fe...
Keywords:
Status: CLOSED ERRATA
Alias: None
Deadline: 2025-10-13
Product: Fedora
Classification: Fedora
Component: chromium
Version: 42
Hardware: Unspecified
OS: Linux
unspecified
high
Target Milestone: ---
Assignee: Than Ngo
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-10-08 07:45 UTC by Than Ngo
Modified: 2025-10-11 00:58 UTC (History)
5 users (show)

Fixed In Version: chromium-141.0.7390.65-1.fc42
Clone Of:
Environment:
Last Closed: 2025-10-11 00:58:08 UTC
Type: ---
Embargoed:
than: mirror+

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker FC-2461 0 None None None 2025-10-08 07:53:52 UTC

Description Than Ngo 2025-10-08 07:45:46 UTC 
Following security issues affect chromium in all supported fedora releases:

* High CVE-2025-11458: Heap buffer overflow in Sync
* High CVE-2025-11460: Use after free in Storage
* Medium CVE-2025-11211: Out of bounds read in WebCodecs


Reproducible: Always
Comment 1 Fedora Update System 2025-10-10 12:47:34 UTC 
FEDORA-2025-10d67f6509 (chromium-141.0.7390.65-1.fc42) has been submitted as an update to Fedora 42.
https://bodhi.fedoraproject.org/updates/FEDORA-2025-10d67f6509
Comment 2 Fedora Update System 2025-10-11 00:58:08 UTC 
FEDORA-2025-10d67f6509 (chromium-141.0.7390.65-1.fc42) has been pushed to the Fedora 42 stable repository.
If problem still persists, please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.