Fedora Security Advisories

FEDORA-EPEL-2026-c0b39ff94f Packages in this update:

• chromium-148.0.7778.178-1.el10_3

Update description:

Update to 148.0.7778.178

• CVE-2026-9111: Use after free in WebRTC
• CVE-2026-9110: Inappropriate implementation in UI
• CVE-2026-9112: Use after free in GPU
• CVE-2026-9113: Out of bounds read in GPU
• CVE-2026-9114: Use after free in QUIC
• CVE-2026-9115: Insufficient policy enforcement in Service Worker
• CVE-2026-9116: Insufficient policy enforcement in ServiceWorker
• CVE-2026-9117: Type Confusion in GFX
• CVE-2026-9118: Use after free in XR
• CVE-2026-9119: Heap buffer overflow in WebRTC
• CVE-2026-9120: Use after free in WebRTC
• CVE-2026-9126: Use after free in DOM
• CVE-2026-9121: Out of bounds read in GPU
• CVE-2026-9122: Out of bounds read in GPU
• CVE-2026-9123: Heap buffer overflow in Chromecast
• CVE-2026-9124: Insufficient validation of untrusted input in Input

FEDORA-2026-b17799ac62 Packages in this update:

• chromium-148.0.7778.178-1.fc43

Update description:

Update to 148.0.7778.178

• CVE-2026-9111: Use after free in WebRTC
• CVE-2026-9110: Inappropriate implementation in UI
• CVE-2026-9112: Use after free in GPU
• CVE-2026-9113: Out of bounds read in GPU
• CVE-2026-9114: Use after free in QUIC
• CVE-2026-9115: Insufficient policy enforcement in Service Worker
• CVE-2026-9116: Insufficient policy enforcement in ServiceWorker
• CVE-2026-9117: Type Confusion in GFX
• CVE-2026-9118: Use after free in XR
• CVE-2026-9119: Heap buffer overflow in WebRTC
• CVE-2026-9120: Use after free in WebRTC
• CVE-2026-9126: Use after free in DOM
• CVE-2026-9121: Out of bounds read in GPU
• CVE-2026-9122: Out of bounds read in GPU
• CVE-2026-9123: Heap buffer overflow in Chromecast
• CVE-2026-9124: Insufficient validation of untrusted input in Input

Update to 148.0.7778.167

• CVE-2026-8509: Heap buffer overflow in WebML
• CVE-2026-8510: Integer overflow in Skia
• CVE-2026-8511: Use after free in UI
• CVE-2026-8512: Use after free in FileSystem
• CVE-2026-8513: Use after free in Input
• CVE-2026-8514: Use after free in Aura
• CVE-2026-8515: Use after free in HID
• CVE-2026-8516: Insufficient validation of untrusted input in DataTransfer
• CVE-2026-8517: Object lifecycle issue in WebShare
• CVE-2026-8518: Use after free in Blink
• CVE-2026-8519: Integer overflow in ANGLE
• CVE-2026-8520: Race in Payments
• CVE-2026-8521: Use after free in Tab Groups
• CVE-2026-8522: Use after free in Downloads
• CVE-2026-8523: Use after free in Mojo
• CVE-2026-8558: Out of bounds write in Fonts
• CVE-2026-8524: Out of bounds write in WebAudio
• CVE-2026-8525: Heap buffer overflow in ANGLE
• CVE-2026-8526: Out of bounds write in WebRTC
• CVE-2026-8527: Insufficient validation of untrusted input in Downloads
• CVE-2026-8528: Insufficient validation of untrusted input in SiteIsolation
• CVE-2026-8529: Heap buffer overflow in Codecs
• CVE-2026-8530: Use after free in Network
• CVE-2026-8531: Heap buffer overflow in WebML
• CVE-2026-8532: Integer overflow in XML
• CVE-2026-8533: Use after free in Accessibility
• CVE-2026-8534: Integer overflow in GPU
• CVE-2026-8535: Out of bounds read in Media
• CVE-2026-8536: Insufficient validation of untrusted input in ReadingMode
• CVE-2026-8537: Insufficient policy enforcement in ViewTransitions
• CVE-2026-8538: Insufficient validation of untrusted input in GPU
• CVE-2026-8539: Script injection in SanitizerAPI
• CVE-2026-8540: Type Confusion in V8
• CVE-2026-8541: Out of bounds read in UI
• CVE-2026-8542: Use after free in Core
• CVE-2026-8543: Out of bounds read in FileSystem
• CVE-2026-8544: Use after free in Media
• CVE-2026-8545: Object corruption in Compositing
• CVE-2026-8546: Out of bounds read in GPU
• CVE-2026-8547: Insufficient policy enforcement in Passwords
• CVE-2026-8548: Out of bounds write in Media
• CVE-2026-8549: Use after free in Media
• CVE-2026-8550: Use after free in Google Lens
• CVE-2026-8551: Use after free in Downloads
• CVE-2026-8552: Heap buffer overflow in GPU
• CVE-2026-8553: Use after free in GPU
• CVE-2026-8554: Type Confusion in ANGLE
• CVE-2026-8555: Use after free in GTK
• CVE-2026-8556: Inappropriate implementation in ANGLE
• CVE-2026-8557: Use after free in Accessibility
• CVE-2026-8559: Integer overflow in Internationalization
• CVE-2026-8560: Heap buffer overflow in SwiftShader
• CVE-2026-8561: Incorrect security UI in Fullscreen
• CVE-2026-8562: Side-channel information leakage in Navigation
• CVE-2026-8563: Insufficient policy enforcement in IFrame Sandbox
• CVE-2026-8564: Incorrect security UI in Downloads
• CVE-2026-8565: Inappropriate implementation in Downloads
• CVE-2026-8566: Insufficient policy enforcement in Payments
• CVE-2026-8567: Integer overflow in ANGLE
• CVE-2026-8568: Insufficient policy enforcement in AI
• CVE-2026-8569: Out of bounds write in Codecs
• CVE-2026-8570: Type Confusion in V8
• CVE-2026-8571: Insufficient policy enforcement in GPU
• CVE-2026-8572: Insufficient policy enforcement in Network
• CVE-2026-8573: Integer overflow in Codecs
• CVE-2026-8574: Use after free in Core
• CVE-2026-8575: Use after free in UI
• CVE-2026-8576: Inappropriate implementation in CORS
• CVE-2026-8577: Integer overflow in Fonts
• CVE-2026-8578: Out of bounds read in GPU
• CVE-2026-8579: Insufficient validation of untrusted input in Skia
• CVE-2026-8580: Use after free in Mojo
• CVE-2026-8581: Use after free in GPU
• CVE-2026-8582: Object lifecycle issue in Dawn
• CVE-2026-8583: Insufficient policy enforcement in WebXR
• CVE-2026-8584: Inappropriate implementation in Views
• CVE-2026-8585: Inappropriate implementation in Media
• CVE-2026-8586: Inappropriate implementation in Chromoting
• CVE-2026-8587: Use after free in Extensions

FEDORA-2026-e4f5923bae Packages in this update:

• chromium-148.0.7778.178-1.fc42

Update description:

Update to 148.0.7778.178

• CVE-2026-9111: Use after free in WebRTC
• CVE-2026-9110: Inappropriate implementation in UI
• CVE-2026-9112: Use after free in GPU
• CVE-2026-9113: Out of bounds read in GPU
• CVE-2026-9114: Use after free in QUIC
• CVE-2026-9115: Insufficient policy enforcement in Service Worker
• CVE-2026-9116: Insufficient policy enforcement in ServiceWorker
• CVE-2026-9117: Type Confusion in GFX
• CVE-2026-9118: Use after free in XR
• CVE-2026-9119: Heap buffer overflow in WebRTC
• CVE-2026-9120: Use after free in WebRTC
• CVE-2026-9126: Use after free in DOM
• CVE-2026-9121: Out of bounds read in GPU
• CVE-2026-9122: Out of bounds read in GPU
• CVE-2026-9123: Heap buffer overflow in Chromecast
• CVE-2026-9124: Insufficient validation of untrusted input in Input

Update to 148.0.7778.167

• CVE-2026-8509: Heap buffer overflow in WebML
• CVE-2026-8510: Integer overflow in Skia
• CVE-2026-8511: Use after free in UI
• CVE-2026-8512: Use after free in FileSystem
• CVE-2026-8513: Use after free in Input
• CVE-2026-8514: Use after free in Aura
• CVE-2026-8515: Use after free in HID
• CVE-2026-8516: Insufficient validation of untrusted input in DataTransfer
• CVE-2026-8517: Object lifecycle issue in WebShare
• CVE-2026-8518: Use after free in Blink
• CVE-2026-8519: Integer overflow in ANGLE
• CVE-2026-8520: Race in Payments
• CVE-2026-8521: Use after free in Tab Groups
• CVE-2026-8522: Use after free in Downloads
• CVE-2026-8523: Use after free in Mojo
• CVE-2026-8558: Out of bounds write in Fonts
• CVE-2026-8524: Out of bounds write in WebAudio
• CVE-2026-8525: Heap buffer overflow in ANGLE
• CVE-2026-8526: Out of bounds write in WebRTC
• CVE-2026-8527: Insufficient validation of untrusted input in Downloads
• CVE-2026-8528: Insufficient validation of untrusted input in SiteIsolation
• CVE-2026-8529: Heap buffer overflow in Codecs
• CVE-2026-8530: Use after free in Network
• CVE-2026-8531: Heap buffer overflow in WebML
• CVE-2026-8532: Integer overflow in XML
• CVE-2026-8533: Use after free in Accessibility
• CVE-2026-8534: Integer overflow in GPU
• CVE-2026-8535: Out of bounds read in Media
• CVE-2026-8536: Insufficient validation of untrusted input in ReadingMode
• CVE-2026-8537: Insufficient policy enforcement in ViewTransitions
• CVE-2026-8538: Insufficient validation of untrusted input in GPU
• CVE-2026-8539: Script injection in SanitizerAPI
• CVE-2026-8540: Type Confusion in V8
• CVE-2026-8541: Out of bounds read in UI
• CVE-2026-8542: Use after free in Core
• CVE-2026-8543: Out of bounds read in FileSystem
• CVE-2026-8544: Use after free in Media
• CVE-2026-8545: Object corruption in Compositing
• CVE-2026-8546: Out of bounds read in GPU
• CVE-2026-8547: Insufficient policy enforcement in Passwords
• CVE-2026-8548: Out of bounds write in Media
• CVE-2026-8549: Use after free in Media
• CVE-2026-8550: Use after free in Google Lens
• CVE-2026-8551: Use after free in Downloads
• CVE-2026-8552: Heap buffer overflow in GPU
• CVE-2026-8553: Use after free in GPU
• CVE-2026-8554: Type Confusion in ANGLE
• CVE-2026-8555: Use after free in GTK
• CVE-2026-8556: Inappropriate implementation in ANGLE
• CVE-2026-8557: Use after free in Accessibility
• CVE-2026-8559: Integer overflow in Internationalization
• CVE-2026-8560: Heap buffer overflow in SwiftShader
• CVE-2026-8561: Incorrect security UI in Fullscreen
• CVE-2026-8562: Side-channel information leakage in Navigation
• CVE-2026-8563: Insufficient policy enforcement in IFrame Sandbox
• CVE-2026-8564: Incorrect security UI in Downloads
• CVE-2026-8565: Inappropriate implementation in Downloads
• CVE-2026-8566: Insufficient policy enforcement in Payments
• CVE-2026-8567: Integer overflow in ANGLE
• CVE-2026-8568: Insufficient policy enforcement in AI
• CVE-2026-8569: Out of bounds write in Codecs
• CVE-2026-8570: Type Confusion in V8
• CVE-2026-8571: Insufficient policy enforcement in GPU
• CVE-2026-8572: Insufficient policy enforcement in Network
• CVE-2026-8573: Integer overflow in Codecs
• CVE-2026-8574: Use after free in Core
• CVE-2026-8575: Use after free in UI
• CVE-2026-8576: Inappropriate implementation in CORS
• CVE-2026-8577: Integer overflow in Fonts
• CVE-2026-8578: Out of bounds read in GPU
• CVE-2026-8579: Insufficient validation of untrusted input in Skia
• CVE-2026-8580: Use after free in Mojo
• CVE-2026-8581: Use after free in GPU
• CVE-2026-8582: Object lifecycle issue in Dawn
• CVE-2026-8583: Insufficient policy enforcement in WebXR
• CVE-2026-8584: Inappropriate implementation in Views
• CVE-2026-8585: Inappropriate implementation in Media
• CVE-2026-8586: Inappropriate implementation in Chromoting
• CVE-2026-8587: Use after free in Extensions

FEDORA-EPEL-2026-d1c74ffb1b Packages in this update:

• chromium-148.0.7778.178-1.el9

Update description:

Update to 148.0.7778.178

• CVE-2026-9111: Use after free in WebRTC
• CVE-2026-9110: Inappropriate implementation in UI
• CVE-2026-9112: Use after free in GPU
• CVE-2026-9113: Out of bounds read in GPU
• CVE-2026-9114: Use after free in QUIC
• CVE-2026-9115: Insufficient policy enforcement in Service Worker
• CVE-2026-9116: Insufficient policy enforcement in ServiceWorker
• CVE-2026-9117: Type Confusion in GFX
• CVE-2026-9118: Use after free in XR
• CVE-2026-9119: Heap buffer overflow in WebRTC
• CVE-2026-9120: Use after free in WebRTC
• CVE-2026-9126: Use after free in DOM
• CVE-2026-9121: Out of bounds read in GPU
• CVE-2026-9122: Out of bounds read in GPU
• CVE-2026-9123: Heap buffer overflow in Chromecast
• CVE-2026-9124: Insufficient validation of untrusted input in Input

FEDORA-EPEL-2026-9a7f44de0a Packages in this update:

• chromium-148.0.7778.178-1.el10_2

Update description:

Update to 148.0.7778.178

• CVE-2026-9111: Use after free in WebRTC
• CVE-2026-9110: Inappropriate implementation in UI
• CVE-2026-9112: Use after free in GPU
• CVE-2026-9113: Out of bounds read in GPU
• CVE-2026-9114: Use after free in QUIC
• CVE-2026-9115: Insufficient policy enforcement in Service Worker
• CVE-2026-9116: Insufficient policy enforcement in ServiceWorker
• CVE-2026-9117: Type Confusion in GFX
• CVE-2026-9118: Use after free in XR
• CVE-2026-9119: Heap buffer overflow in WebRTC
• CVE-2026-9120: Use after free in WebRTC
• CVE-2026-9126: Use after free in DOM
• CVE-2026-9121: Out of bounds read in GPU
• CVE-2026-9122: Out of bounds read in GPU
• CVE-2026-9123: Heap buffer overflow in Chromecast
• CVE-2026-9124: Insufficient validation of untrusted input in Input

FEDORA-2026-c758d44a9a Packages in this update:

• chromium-148.0.7778.178-1.fc44

Update description:

Update to 148.0.7778.178

• CVE-2026-9111: Use after free in WebRTC
• CVE-2026-9110: Inappropriate implementation in UI
• CVE-2026-9112: Use after free in GPU
• CVE-2026-9113: Out of bounds read in GPU
• CVE-2026-9114: Use after free in QUIC
• CVE-2026-9115: Insufficient policy enforcement in Service Worker
• CVE-2026-9116: Insufficient policy enforcement in ServiceWorker
• CVE-2026-9117: Type Confusion in GFX
• CVE-2026-9118: Use after free in XR
• CVE-2026-9119: Heap buffer overflow in WebRTC
• CVE-2026-9120: Use after free in WebRTC
• CVE-2026-9126: Use after free in DOM
• CVE-2026-9121: Out of bounds read in GPU
• CVE-2026-9122: Out of bounds read in GPU
• CVE-2026-9123: Heap buffer overflow in Chromecast
• CVE-2026-9124: Insufficient validation of untrusted input in Input

FEDORA-2026-956f05a733 Packages in this update:

• djvulibre-3.5.30-1.fc44

Update description:

Update to 3.5.30.

FEDORA-2026-01aa80d160 Packages in this update:

• djvulibre-3.5.30-1.fc42

Update description:

Update to 3.5.30.

FEDORA-2026-bfa185dbb3 Packages in this update:

• djvulibre-3.5.30-1.fc43

Update description:

Update to 3.5.30.

FEDORA-2026-b9f338a467 Packages in this update:

• kernel-6.19.14-108.fc42

Update description:

The 6.19.14-108 stable kernel update contains a couple if important security fixes.

FEDORA-2026-9a3a98bc24 Packages in this update:

• xrdp-0.10.6-2.fc44

Update description:

Close TCP socket in default configuration, because we want just Unix domain socket connections to Xvnc.

FEDORA-2026-6af8517b94 Packages in this update:

• xrdp-0.10.6-2.fc42

Update description:

Close TCP socket in default configuration, because we want just Unix domain socket connections to Xvnc.

FEDORA-EPEL-2026-8d69cba26b Packages in this update:

• xrdp-0.10.6-2.el9

Update description:

Close TCP socket in default configuration, because we want just Unix domain socket connections to Xvnc.

FEDORA-2026-8aeca78af9 Packages in this update:

• xrdp-0.10.6-2.fc43

Update description:

Close TCP socket in default configuration, because we want just Unix domain socket connections to Xvnc.

FEDORA-EPEL-2026-cf191f562d Packages in this update:

• xrdp-0.10.6-2.el8

Update description:

Close TCP socket in default configuration, because we want just Unix domain socket connections to Xvnc.

FEDORA-2026-5d9b0e2c17 Packages in this update:

• haveged-1.9.22-1.fc43

Update description:

Update to 1.9.22 — fix systemd sandboxing: add ReadWritePaths=/dev/shm for semaphore creation

Backport fix for CVE-2026-41054: privilege escalation via command socket

FEDORA-2026-8fa79f47e1 Packages in this update:

• haveged-1.9.22-1.fc42

Update description:

Update to 1.9.22 — fix systemd sandboxing: add ReadWritePaths=/dev/shm for semaphore creation

Backport fix for CVE-2026-41054: privilege escalation via command socket

FEDORA-2026-66bba52149 Packages in this update:

• kernel-7.0.9-205.fc44

Update description:

The 7.0.9-105/205 stable kernel updates contain a couple if important security fixes.

FEDORA-2026-94731f4ace Packages in this update:

• kernel-7.0.9-105.fc43

Update description:

The 7.0.9-105/205 stable kernel updates contain a couple if important security fixes.

FEDORA-2026-b626e83a45 Packages in this update:

• bind-9.18.49-1.fc43
• bind-dyndb-ldap-11.11-13.fc43

Update description: Update to 9.18.49 (rhbz#2480121) Security Fixes:

• Limit resolver server list size. (CVE-2026-3592)
• Fix GSS-API resource leak. (CVE-2026-3039)
• Disable recursion, UPDATE, and NOTIFY for non-IN views. (CVE-2026-5946)
• Avoid unbounded recursion loop. (CVE-2026-5950)
• Fix outgoing zone transfers' quota issue.

Feature Changes:

• Fix CPU spikes and slow queries when cache approaches memory limit.

Bug Fixes:

• Fix named crash when processing SIG records in dynamic updates.
• Fix rndc modzone behavior for a zone in named.conf.
• Fix zone verification of NSEC3 signed zones.
• Prevent a crash when using both dns64 and filter-aaaa.
• Fixed an assertion failure when processing catalog zones.
• Prevent malicious DNSSEC zones from exhausting validator CPU.
• Fix rndc-confgen aborting on HMAC-SHA-384/512 keys above 512 bits.
• Prevent crafted queries from degrading RRL performance.
• Fix a bug in allow-query/allow-transfer catalog zone custom properties.
• Fix a memory leak issue in catalog zones.
• Fix suppressed missing-glue check in named-checkzone.
• Reject record sets too large to serve in DNS.

Source: https://downloads.isc.org/isc/bind9/9.18.49/doc/arm/html/notes.html#notes-for-bind-9-18-49