Updated chromium-browser-stable packages fix security vulnerabilities
Publication date: 23 May 2025Modification date: 23 May 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-4096 , CVE-2025-4050 , CVE-2025-4051 , CVE-2025-4052 , CVE-2025-4372 , CVE-2025-4664 , CVE-2025-4609
Description
Heap buffer overflow in HTML. (CVE-2025-4096)
Out of bounds memory access in DevTools. (CVE-2025-4050)
Insufficient data validation in DevTools. (CVE-2025-4051)
Inappropriate implementation in DevTools. (CVE-2025-4052)
Use after free in WebAudio. (CVE-2025-4372)
Insufficient policy enforcement in Loader. (CVE-2025-4664)
Incorrect handle provided in unspecified circumstances in Mojo.
(CVE-2025-4609)
References
- https://bugs.mageia.org/show_bug.cgi?id=34235
- https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_29.html
- https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop.html
- https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_14.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4096
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4050
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4051
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4052
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4372
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4664
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4609
SRPMS
9/tainted
- chromium-browser-stable-136.0.7103.113-1.mga9.tainted