PT-2025-10859 · Apple+10 · Ipados+15
Gary Kwong
·
Publicado
2025-03-11
·
Atualizado
2026-03-10
·
CVE-2025-24201
CVSS v3.1
10
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
WebKitGTK versions 2.48.0-0ubuntu0.24.10.1 and prior.
Description
The WebKitGTK web rendering engine contains an out-of-bounds write vulnerability (CVE-2025-24201). This vulnerability is due to the ability to toggle the WebGL context primitive restart from the WebContent process. A remote attacker could exploit this issue if a user views a malicious website, potentially leading to cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
Recommendations
Update WebKitGTK to version 2.50.1 or later to address this vulnerability. Run
sudo pro fix USN-7395-1 to apply the fix.Exploit
Correção
RCE
DoS
Memory Corruption
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Alt Linux
Almalinux
Astra Linux
Centos
Debian
Linuxmint
Apple Macos
Red Hat
Rocky Linux
Safari
Suse
Ubuntu
Ios
Ipados
Macos Sequoia
Visionos