PT-2025-10859 · Apple+10 · iPadOS+15

Gary Kwong · Published 2025-03-11 · Updated 2026-03-10 · CVE-2025-24201

CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

WebKitGTK versions 2.48.0-0ubuntu0.24.10.1 and prior.

Description

The WebKitGTK web rendering engine contains an out-of-bounds write vulnerability (CVE-2025-24201). This vulnerability is due to the ability to toggle the WebGL context primitive restart from the WebContent process. A remote attacker could exploit this issue if a user views a malicious website, potentially leading to cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Recommendations

Update WebKitGTK to version 2.50.1 or later to address this vulnerability. Run sudo pro fix USN-7395-1 to apply the fix.

Exploit

Fix

RCE

Memory Corruption

Weakness Enumeration

Related Identifiers

ALSA-2025:2863
ALSA-2025:2864
ALT-PU-2025-7539
ALT-PU-2025-7543
ALT-PU-2025-8547
BDU:2025-02568
CESA-2025_2863
CVE-2025-24201
DLA-4218-1
DSA-5877-1
DSA-5885-1
INFSA-2025_2863
INFSA-2025_2864
MGASA-2025-0313
OPENSUSE-SU-2025:15531-1
OPENSUSE-SU-2025_0974-1
OPENSUSE-SU-2025_0975-1
OPENSUSE-SU-2025_1033-1
OPENSUSE-SU-2025_1149-1
RHSA-2025:10364
RHSA-2025:2863
RHSA-2025:2864
RHSA-2025:2997
RHSA-2025:2998
RHSA-2025:3000
RHSA-2025:3001
RHSA-2025:3002
RHSA-2025:3005
RHSA-2025:3034
RHSA-2025_2863
RHSA-2025_2864
SUSE-SU-2025:02765-1
SUSE-SU-2025:02766-1
SUSE-SU-2025:02777-1
SUSE-SU-2025:02973-1
SUSE-SU-2025:0974-1
SUSE-SU-2025:0975-1
SUSE-SU-2025:0993-1
SUSE-SU-2025:1023-1
SUSE-SU-2025:1033-1
SUSE-SU-2025:1149-1
SUSE-SU-2025_02765-1
SUSE-SU-2025_02766-1
SUSE-SU-2025_02777-1
SUSE-SU-2025_02973-1
SUSE-SU-2025_0974-1
SUSE-SU-2025_0975-1
SUSE-SU-2025_0993-1
SUSE-SU-2025_1023-1
USN-7395-1

Affected Products

ALT Linux
AlmaLinux
Astra Linux
CentOS
Debian
Linux Mint
Apple macOS
Red Hat
Rocky Linux
Safari
SUSE
Ubuntu
iOS
iPadOS
macOS Sequoia
visionOS