Red Hat Security Advisory: webkit2gtk3 security update
Red Hat has issued a security advisory for webkit2gtk3 addressing two vulnerabilities in WebKitGTK, the WebKit port for the GTK platform. The vulnerabilities include CVE-2024-54543, which may lead to memory corruption when processing maliciously crafted web content, and CVE-2025-24162, which may cause an unexpected process crash under similar conditions. The update is rated as Important by Red Hat and affects Red Hat Enterprise Linux 8.8 Extended Update Support versions. A security update package is available to remediate these issues.
AI Analysis
Technical Summary
This advisory covers two security vulnerabilities in webkit2gtk3, the GTK port of the WebKit rendering engine. CVE-2024-54543 involves potential memory corruption triggered by malicious web content, while CVE-2025-24162 can cause unexpected process crashes from crafted content. Both vulnerabilities arise from improper handling of web content within the WebKitGTK engine. Red Hat has released updated packages for Red Hat Enterprise Linux 8.8 Extended Update Support to address these issues.
Potential Impact
Exploitation of CVE-2024-54543 could result in memory corruption, which may lead to arbitrary code execution or application instability. CVE-2025-24162 may cause unexpected process crashes, potentially leading to denial of service conditions. Both vulnerabilities affect the security and stability of applications using the webkit2gtk3 library to render web content.
Mitigation Recommendations
Red Hat has released an official security update for webkit2gtk3 in Red Hat Enterprise Linux 8.8 Extended Update Support. Users should apply the update as described in the Red Hat advisory (RHSA-2025:1958) and the referenced article https://access.redhat.com/articles/11258 to remediate these vulnerabilities. No additional mitigations are indicated by the vendor advisory.
Red Hat Security Advisory: webkit2gtk3 security update
Description
Red Hat has issued a security advisory for webkit2gtk3 addressing two vulnerabilities in WebKitGTK, the WebKit port for the GTK platform. The vulnerabilities include CVE-2024-54543, which may lead to memory corruption when processing maliciously crafted web content, and CVE-2025-24162, which may cause an unexpected process crash under similar conditions. The update is rated as Important by Red Hat and affects Red Hat Enterprise Linux 8.8 Extended Update Support versions. A security update package is available to remediate these issues.
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This advisory covers two security vulnerabilities in webkit2gtk3, the GTK port of the WebKit rendering engine. CVE-2024-54543 involves potential memory corruption triggered by malicious web content, while CVE-2025-24162 can cause unexpected process crashes from crafted content. Both vulnerabilities arise from improper handling of web content within the WebKitGTK engine. Red Hat has released updated packages for Red Hat Enterprise Linux 8.8 Extended Update Support to address these issues.
Potential Impact
Exploitation of CVE-2024-54543 could result in memory corruption, which may lead to arbitrary code execution or application instability. CVE-2025-24162 may cause unexpected process crashes, potentially leading to denial of service conditions. Both vulnerabilities affect the security and stability of applications using the webkit2gtk3 library to render web content.
Mitigation Recommendations
Red Hat has released an official security update for webkit2gtk3 in Red Hat Enterprise Linux 8.8 Extended Update Support. Users should apply the update as described in the Red Hat advisory (RHSA-2025:1958) and the referenced article https://access.redhat.com/articles/11258 to remediate these vulnerabilities. No additional mitigations are indicated by the vendor advisory.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:1958
- Cve Count
- 2
- Additional Cves
- ["CVE-2025-24162"]
- Cvss Version
- null
Threat ID: 6a419cae27e9c79719aba47d
Added to database: 06/28/2026, 22:14:06 UTC
Last enriched: 06/28/2026, 22:24:06 UTC
Last updated: 07/08/2026, 22:28:18 UTC
Views: 9
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.