红帽产品勘误 RHSA-2026:13845 - Security Advisory
发布:
2026-05-05
已更新:
2026-05-05

RHSA-2026:13845 - Security Advisory

概述

Important: webkit2gtk3 security update

类型/严重性

Security Advisory: Important

Red Hat Insights 补丁分析

识别并修复受此公告影响的系统。

查看受影响的系统

标题

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

描述

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

Security Fix(es):

  • webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43213)
  • webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43214)
  • webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43457)
  • webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43511)
  • webkitgtk: Processing maliciously crafted web content may disclose internal states of the app (CVE-2025-46299)
  • webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20608)
  • webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20635)
  • webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20636)
  • webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20644)
  • webkitgtk: A remote attacker may be able to cause a denial-of-service (CVE-2026-20652)
  • webkitgtk: A website may be able to track users through Safari web extensions (CVE-2026-20676)
  • webkitgtk: Processing maliciously crafted web content may bypass Same Origin Policy (CVE-2026-20643)
  • webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20664)
  • webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced (CVE-2026-20665)
  • webkitgtk: A maliciously crafted webpage may be able to fingerprint the user (CVE-2026-20691)
  • webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-28857)
  • webkitgtk: A malicious website may be able to process restricted web content outside the sandbox (CVE-2026-28859)
  • webkitgtk: Visiting a maliciously crafted website may lead to a cross-site scripting attack (CVE-2026-28871)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

解决方案

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

受影响的产品

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

修复

  • BZ - 2448781 - CVE-2025-43213 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
  • BZ - 2448782 - CVE-2025-43214 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
  • BZ - 2448786 - CVE-2025-43457 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
  • BZ - 2448787 - CVE-2025-43511 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
  • BZ - 2448788 - CVE-2025-46299 webkitgtk: Processing maliciously crafted web content may disclose internal states of the app
  • BZ - 2448789 - CVE-2026-20608 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
  • BZ - 2448790 - CVE-2026-20635 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
  • BZ - 2448791 - CVE-2026-20636 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
  • BZ - 2448792 - CVE-2026-20644 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
  • BZ - 2448793 - CVE-2026-20652 webkitgtk: A remote attacker may be able to cause a denial-of-service
  • BZ - 2448794 - CVE-2026-20676 webkitgtk: A website may be able to track users through Safari web extensions
  • BZ - 2453000 - CVE-2026-20643 webkitgtk: Processing maliciously crafted web content may bypass Same Origin Policy
  • BZ - 2453001 - CVE-2026-20664 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
  • BZ - 2453002 - CVE-2026-20665 webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced
  • BZ - 2453003 - CVE-2026-20691 webkitgtk: A maliciously crafted webpage may be able to fingerprint the user
  • BZ - 2453004 - CVE-2026-28857 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
  • BZ - 2453006 - CVE-2026-28859 webkitgtk: A malicious website may be able to process restricted web content outside the sandbox
  • BZ - 2453008 - CVE-2026-28871 webkitgtk: Visiting a maliciously crafted website may lead to a cross-site scripting attack

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6

SRPM
webkit2gtk3-2.52.3-1.el8_6.src.rpm SHA-256: 77168f45839726aa47e70676cbf3eefd2674788298f16cdd2f9896090480dfa3
x86_64
webkit2gtk3-2.52.3-1.el8_6.i686.rpm SHA-256: b137ff2a6fa241ae51f61da5f1853fc49c71a635f0633c845d7b88c5b9ac0707
webkit2gtk3-2.52.3-1.el8_6.x86_64.rpm SHA-256: d70c8270aac6934844ec904cb398dd549c76bf8421b2123fe69f6deced5c3153
webkit2gtk3-debuginfo-2.52.3-1.el8_6.i686.rpm SHA-256: db5fbb92bde7423af550815b32457035d047528ae67337b9103306fdb01d3dd1
webkit2gtk3-debuginfo-2.52.3-1.el8_6.x86_64.rpm SHA-256: 50e2a79fd97dd7d9b4f33fbd364603ea3f712b0bf2087026816345da7956576f
webkit2gtk3-debugsource-2.52.3-1.el8_6.i686.rpm SHA-256: e6a5173466d2f8ad93312d5bcab071a689bb84458226b4bef337b273bdde001d
webkit2gtk3-debugsource-2.52.3-1.el8_6.x86_64.rpm SHA-256: c7ee3dee14a76e29534429edb224784fd0336809ac85b674281afa0672d0b72f
webkit2gtk3-devel-2.52.3-1.el8_6.i686.rpm SHA-256: 555c7f658c8f1a9908853c6a9f0c9c352a5c3ce2233db4731afec2cd82f6aad4
webkit2gtk3-devel-2.52.3-1.el8_6.x86_64.rpm SHA-256: 60475fd51bfed84242e360b2d4ac69393d1ab22d533b3ad18d40a0bc4683644f
webkit2gtk3-devel-debuginfo-2.52.3-1.el8_6.i686.rpm SHA-256: 0a87339048fdf758388304c28a756e1b8c040d0212105436d2e8490fac54453f
webkit2gtk3-devel-debuginfo-2.52.3-1.el8_6.x86_64.rpm SHA-256: d3fee52d7e38d31c91eee7f3ddbf9bf2884606a0fcf690648097081c9706a574
webkit2gtk3-jsc-2.52.3-1.el8_6.i686.rpm SHA-256: 128d013f486976b38b656b79a21f2a686d48d9f08f3d512852fa27312e3a89ac
webkit2gtk3-jsc-2.52.3-1.el8_6.x86_64.rpm SHA-256: 6853c568b8ddbc7433ee6df1a5f5855ee5cc396009c077d06602cf0433566774
webkit2gtk3-jsc-debuginfo-2.52.3-1.el8_6.i686.rpm SHA-256: 889d4eb37d46dc49f842a6316b557be3e48c5375b36c3dffdcacd1922446f819
webkit2gtk3-jsc-debuginfo-2.52.3-1.el8_6.x86_64.rpm SHA-256: 14dedaf85f9bb906548766de543c4e4183fe97d86b1809034c10d29a022f7956
webkit2gtk3-jsc-devel-2.52.3-1.el8_6.i686.rpm SHA-256: 63f8eb080cc2472b74c1469325b4588dea7b9c7dd1bacd5ca5eaf17893ce4e88
webkit2gtk3-jsc-devel-2.52.3-1.el8_6.x86_64.rpm SHA-256: 5ce98ea4e8ae88372fc59e65373ce69440ae6f1679d5dae72bf668779937df1f
webkit2gtk3-jsc-devel-debuginfo-2.52.3-1.el8_6.i686.rpm SHA-256: 73a0d8e41d7303c2b3072cbae22da58bfc6bdb0909718ef014afbcce5345d42d
webkit2gtk3-jsc-devel-debuginfo-2.52.3-1.el8_6.x86_64.rpm SHA-256: f2282276a18253040b2572768ab34b0397ab01e0824ae1e83dcdd16004543aa9

Red Hat Enterprise Linux Server - AUS 8.6

SRPM
webkit2gtk3-2.52.3-1.el8_6.src.rpm SHA-256: 77168f45839726aa47e70676cbf3eefd2674788298f16cdd2f9896090480dfa3
x86_64
webkit2gtk3-2.52.3-1.el8_6.i686.rpm SHA-256: b137ff2a6fa241ae51f61da5f1853fc49c71a635f0633c845d7b88c5b9ac0707
webkit2gtk3-2.52.3-1.el8_6.x86_64.rpm SHA-256: d70c8270aac6934844ec904cb398dd549c76bf8421b2123fe69f6deced5c3153
webkit2gtk3-debuginfo-2.52.3-1.el8_6.i686.rpm SHA-256: db5fbb92bde7423af550815b32457035d047528ae67337b9103306fdb01d3dd1
webkit2gtk3-debuginfo-2.52.3-1.el8_6.x86_64.rpm SHA-256: 50e2a79fd97dd7d9b4f33fbd364603ea3f712b0bf2087026816345da7956576f
webkit2gtk3-debugsource-2.52.3-1.el8_6.i686.rpm SHA-256: e6a5173466d2f8ad93312d5bcab071a689bb84458226b4bef337b273bdde001d
webkit2gtk3-debugsource-2.52.3-1.el8_6.x86_64.rpm SHA-256: c7ee3dee14a76e29534429edb224784fd0336809ac85b674281afa0672d0b72f
webkit2gtk3-devel-2.52.3-1.el8_6.i686.rpm SHA-256: 555c7f658c8f1a9908853c6a9f0c9c352a5c3ce2233db4731afec2cd82f6aad4
webkit2gtk3-devel-2.52.3-1.el8_6.x86_64.rpm SHA-256: 60475fd51bfed84242e360b2d4ac69393d1ab22d533b3ad18d40a0bc4683644f
webkit2gtk3-devel-debuginfo-2.52.3-1.el8_6.i686.rpm SHA-256: 0a87339048fdf758388304c28a756e1b8c040d0212105436d2e8490fac54453f
webkit2gtk3-devel-debuginfo-2.52.3-1.el8_6.x86_64.rpm SHA-256: d3fee52d7e38d31c91eee7f3ddbf9bf2884606a0fcf690648097081c9706a574
webkit2gtk3-jsc-2.52.3-1.el8_6.i686.rpm SHA-256: 128d013f486976b38b656b79a21f2a686d48d9f08f3d512852fa27312e3a89ac
webkit2gtk3-jsc-2.52.3-1.el8_6.x86_64.rpm SHA-256: 6853c568b8ddbc7433ee6df1a5f5855ee5cc396009c077d06602cf0433566774
webkit2gtk3-jsc-debuginfo-2.52.3-1.el8_6.i686.rpm SHA-256: 889d4eb37d46dc49f842a6316b557be3e48c5375b36c3dffdcacd1922446f819
webkit2gtk3-jsc-debuginfo-2.52.3-1.el8_6.x86_64.rpm SHA-256: 14dedaf85f9bb906548766de543c4e4183fe97d86b1809034c10d29a022f7956
webkit2gtk3-jsc-devel-2.52.3-1.el8_6.i686.rpm SHA-256: 63f8eb080cc2472b74c1469325b4588dea7b9c7dd1bacd5ca5eaf17893ce4e88
webkit2gtk3-jsc-devel-2.52.3-1.el8_6.x86_64.rpm SHA-256: 5ce98ea4e8ae88372fc59e65373ce69440ae6f1679d5dae72bf668779937df1f
webkit2gtk3-jsc-devel-debuginfo-2.52.3-1.el8_6.i686.rpm SHA-256: 73a0d8e41d7303c2b3072cbae22da58bfc6bdb0909718ef014afbcce5345d42d
webkit2gtk3-jsc-devel-debuginfo-2.52.3-1.el8_6.x86_64.rpm SHA-256: f2282276a18253040b2572768ab34b0397ab01e0824ae1e83dcdd16004543aa9

Red Hat Enterprise Linux Server - TUS 8.6

SRPM
webkit2gtk3-2.52.3-1.el8_6.src.rpm SHA-256: 77168f45839726aa47e70676cbf3eefd2674788298f16cdd2f9896090480dfa3
x86_64
webkit2gtk3-2.52.3-1.el8_6.i686.rpm SHA-256: b137ff2a6fa241ae51f61da5f1853fc49c71a635f0633c845d7b88c5b9ac0707
webkit2gtk3-2.52.3-1.el8_6.x86_64.rpm SHA-256: d70c8270aac6934844ec904cb398dd549c76bf8421b2123fe69f6deced5c3153
webkit2gtk3-debuginfo-2.52.3-1.el8_6.i686.rpm SHA-256: db5fbb92bde7423af550815b32457035d047528ae67337b9103306fdb01d3dd1
webkit2gtk3-debuginfo-2.52.3-1.el8_6.x86_64.rpm SHA-256: 50e2a79fd97dd7d9b4f33fbd364603ea3f712b0bf2087026816345da7956576f
webkit2gtk3-debugsource-2.52.3-1.el8_6.i686.rpm SHA-256: e6a5173466d2f8ad93312d5bcab071a689bb84458226b4bef337b273bdde001d
webkit2gtk3-debugsource-2.52.3-1.el8_6.x86_64.rpm SHA-256: c7ee3dee14a76e29534429edb224784fd0336809ac85b674281afa0672d0b72f
webkit2gtk3-devel-2.52.3-1.el8_6.i686.rpm SHA-256: 555c7f658c8f1a9908853c6a9f0c9c352a5c3ce2233db4731afec2cd82f6aad4
webkit2gtk3-devel-2.52.3-1.el8_6.x86_64.rpm SHA-256: 60475fd51bfed84242e360b2d4ac69393d1ab22d533b3ad18d40a0bc4683644f
webkit2gtk3-devel-debuginfo-2.52.3-1.el8_6.i686.rpm SHA-256: 0a87339048fdf758388304c28a756e1b8c040d0212105436d2e8490fac54453f
webkit2gtk3-devel-debuginfo-2.52.3-1.el8_6.x86_64.rpm SHA-256: d3fee52d7e38d31c91eee7f3ddbf9bf2884606a0fcf690648097081c9706a574
webkit2gtk3-jsc-2.52.3-1.el8_6.i686.rpm SHA-256: 128d013f486976b38b656b79a21f2a686d48d9f08f3d512852fa27312e3a89ac
webkit2gtk3-jsc-2.52.3-1.el8_6.x86_64.rpm SHA-256: 6853c568b8ddbc7433ee6df1a5f5855ee5cc396009c077d06602cf0433566774
webkit2gtk3-jsc-debuginfo-2.52.3-1.el8_6.i686.rpm SHA-256: 889d4eb37d46dc49f842a6316b557be3e48c5375b36c3dffdcacd1922446f819
webkit2gtk3-jsc-debuginfo-2.52.3-1.el8_6.x86_64.rpm SHA-256: 14dedaf85f9bb906548766de543c4e4183fe97d86b1809034c10d29a022f7956
webkit2gtk3-jsc-devel-2.52.3-1.el8_6.i686.rpm SHA-256: 63f8eb080cc2472b74c1469325b4588dea7b9c7dd1bacd5ca5eaf17893ce4e88
webkit2gtk3-jsc-devel-2.52.3-1.el8_6.x86_64.rpm SHA-256: 5ce98ea4e8ae88372fc59e65373ce69440ae6f1679d5dae72bf668779937df1f
webkit2gtk3-jsc-devel-debuginfo-2.52.3-1.el8_6.i686.rpm SHA-256: 73a0d8e41d7303c2b3072cbae22da58bfc6bdb0909718ef014afbcce5345d42d
webkit2gtk3-jsc-devel-debuginfo-2.52.3-1.el8_6.x86_64.rpm SHA-256: f2282276a18253040b2572768ab34b0397ab01e0824ae1e83dcdd16004543aa9

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM
webkit2gtk3-2.52.3-1.el8_6.src.rpm SHA-256: 77168f45839726aa47e70676cbf3eefd2674788298f16cdd2f9896090480dfa3
ppc64le
webkit2gtk3-2.52.3-1.el8_6.ppc64le.rpm SHA-256: 57ec5213a95b02406e4c28f936b03050060ce2e311b43d2bbdca172f5571833a
webkit2gtk3-debuginfo-2.52.3-1.el8_6.ppc64le.rpm SHA-256: a7822cf7555391fd175217dba344657e462685c99346d4344afd301a22e055ae
webkit2gtk3-debugsource-2.52.3-1.el8_6.ppc64le.rpm SHA-256: bad3f775ba4557a5fa9acb890c47911eecc0c82ce6e0c65ec689b84976867598
webkit2gtk3-devel-2.52.3-1.el8_6.ppc64le.rpm SHA-256: 64b673602e3cc0584c7386670c251390d849c4cdba40ee9ab7d0ddd0f7e86ce4
webkit2gtk3-devel-debuginfo-2.52.3-1.el8_6.ppc64le.rpm SHA-256: 3b5c3082e3eddd3c8c7eca96062cf7f9677972bdeb7ca3c3cc4dc44c333fce13
webkit2gtk3-jsc-2.52.3-1.el8_6.ppc64le.rpm SHA-256: 0b6207c327695f79ee4e05f9ba0383ea7915bb63bdcc2120172d2bcc47ec07c0
webkit2gtk3-jsc-debuginfo-2.52.3-1.el8_6.ppc64le.rpm SHA-256: 939aead7a1f9b6d0858510bab7a3c758a9999df6c1eb50dee9fc2fea4e971c7f
webkit2gtk3-jsc-devel-2.52.3-1.el8_6.ppc64le.rpm SHA-256: 2f28ebc09683e5a18da20d671411e61698f4e562c103487780cbec95c954664b
webkit2gtk3-jsc-devel-debuginfo-2.52.3-1.el8_6.ppc64le.rpm SHA-256: 7b2273604754a37c0b0811e5fde8e524e209f16e27ef5e90ba26efe6ba5bf0d9

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM
webkit2gtk3-2.52.3-1.el8_6.src.rpm SHA-256: 77168f45839726aa47e70676cbf3eefd2674788298f16cdd2f9896090480dfa3
x86_64
webkit2gtk3-2.52.3-1.el8_6.i686.rpm SHA-256: b137ff2a6fa241ae51f61da5f1853fc49c71a635f0633c845d7b88c5b9ac0707
webkit2gtk3-2.52.3-1.el8_6.x86_64.rpm SHA-256: d70c8270aac6934844ec904cb398dd549c76bf8421b2123fe69f6deced5c3153
webkit2gtk3-debuginfo-2.52.3-1.el8_6.i686.rpm SHA-256: db5fbb92bde7423af550815b32457035d047528ae67337b9103306fdb01d3dd1
webkit2gtk3-debuginfo-2.52.3-1.el8_6.x86_64.rpm SHA-256: 50e2a79fd97dd7d9b4f33fbd364603ea3f712b0bf2087026816345da7956576f
webkit2gtk3-debugsource-2.52.3-1.el8_6.i686.rpm SHA-256: e6a5173466d2f8ad93312d5bcab071a689bb84458226b4bef337b273bdde001d
webkit2gtk3-debugsource-2.52.3-1.el8_6.x86_64.rpm SHA-256: c7ee3dee14a76e29534429edb224784fd0336809ac85b674281afa0672d0b72f
webkit2gtk3-devel-2.52.3-1.el8_6.i686.rpm SHA-256: 555c7f658c8f1a9908853c6a9f0c9c352a5c3ce2233db4731afec2cd82f6aad4
webkit2gtk3-devel-2.52.3-1.el8_6.x86_64.rpm SHA-256: 60475fd51bfed84242e360b2d4ac69393d1ab22d533b3ad18d40a0bc4683644f
webkit2gtk3-devel-debuginfo-2.52.3-1.el8_6.i686.rpm SHA-256: 0a87339048fdf758388304c28a756e1b8c040d0212105436d2e8490fac54453f
webkit2gtk3-devel-debuginfo-2.52.3-1.el8_6.x86_64.rpm SHA-256: d3fee52d7e38d31c91eee7f3ddbf9bf2884606a0fcf690648097081c9706a574
webkit2gtk3-jsc-2.52.3-1.el8_6.i686.rpm SHA-256: 128d013f486976b38b656b79a21f2a686d48d9f08f3d512852fa27312e3a89ac
webkit2gtk3-jsc-2.52.3-1.el8_6.x86_64.rpm SHA-256: 6853c568b8ddbc7433ee6df1a5f5855ee5cc396009c077d06602cf0433566774
webkit2gtk3-jsc-debuginfo-2.52.3-1.el8_6.i686.rpm SHA-256: 889d4eb37d46dc49f842a6316b557be3e48c5375b36c3dffdcacd1922446f819
webkit2gtk3-jsc-debuginfo-2.52.3-1.el8_6.x86_64.rpm SHA-256: 14dedaf85f9bb906548766de543c4e4183fe97d86b1809034c10d29a022f7956
webkit2gtk3-jsc-devel-2.52.3-1.el8_6.i686.rpm SHA-256: 63f8eb080cc2472b74c1469325b4588dea7b9c7dd1bacd5ca5eaf17893ce4e88
webkit2gtk3-jsc-devel-2.52.3-1.el8_6.x86_64.rpm SHA-256: 5ce98ea4e8ae88372fc59e65373ce69440ae6f1679d5dae72bf668779937df1f
webkit2gtk3-jsc-devel-debuginfo-2.52.3-1.el8_6.i686.rpm SHA-256: 73a0d8e41d7303c2b3072cbae22da58bfc6bdb0909718ef014afbcce5345d42d
webkit2gtk3-jsc-devel-debuginfo-2.52.3-1.el8_6.x86_64.rpm SHA-256: f2282276a18253040b2572768ab34b0397ab01e0824ae1e83dcdd16004543aa9

Red Hat 安全团队联络方式为 secalert@redhat.com。 更多联络细节请参考 https://access.redhat.com/security/team/contact/