Detections
Analytics

openSUSE 16 Security Update : webkit2gtk3 (openSUSE-SU-2026:20065-1)

critical Nessus Plugin ID 294939

Synopsis

The remote openSUSE host is missing one or more security updates.

Description

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20065-1 advisory.

 Update to version 2.50.4.

 Security issues fixed:

 - CVE-2025-13502: processing of maliciously crafted payloads by the GLib remote inspector server may lead to a UIProcess crash due to an out-of-bounds read and an integer underflow (bsc#1254208).
 - CVE-2025-13947: use of the file drag-and-drop mechanism may lead to remote information disclosure due to a lack of verification of the origins of drag operations (bsc#1254473).
 - CVE-2025-14174: processing maliciously crafted web content may lead to memory corruption due to improper validation (bsc#1255497).
 - CVE-2025-43272: processing maliciously crafted web content may lead to an unexpected process crash due to improper memory handling (bsc#1250439).
 - CVE-2025-43342: processing maliciously crafted web content may lead to an unexpected process crash due to a correctness issue and missing checks (bsc#1250440).
 - CVE-2025-43343: processing maliciously crafted web content may lead to an unexpected process crash due to improper memory handling (bsc#1251975).
 - CVE-2025-43356: a website may be able to access sensor information without user consent due to improper cache handling (bsc#1250441).
 - CVE-2025-43368: processing maliciously crafted web content may lead to an unexpected process crash due to a use-after-free issue (bsc#1250442).
 - CVE-2025-43392: websites may exfiltrate image data cross-origin due to issues with cache handling (bsc#1254165).
 - CVE-2025-43419: processing maliciously crafted web content may lead to memory corruption due to improper memory handling (bsc#1254166).
 - CVE-2025-43421: processing maliciously crafted web content may lead to an unexpected process crash due to enabled array allocation sinking (bsc#1254167).
 - CVE-2025-43425: processing maliciously crafted web content may lead to an unexpected process crash due to improper memory handling (bsc#1254168).
 - CVE-2025-43427: processing maliciously crafted web content may lead to an unexpected process crash due to issues with state management (bsc#1254169).
 - CVE-2025-43429: processing maliciously crafted web content may lead to an unexpected process crash due to a buffer overflow issue (bsc#1254174).
 - CVE-2025-43430: processing maliciously crafted web content may lead to an unexpected process crash due to issues with state management (bsc#1254172).
 - CVE-2025-43431: processing maliciously crafted web content may lead to memory corruption due to improper memory handling (bsc#1254170).
 - CVE-2025-43432: processing maliciously crafted web content may lead to an unexpected process crash due to a use-after-free issue (bsc#1254171).
 - CVE-2025-43434: processing maliciously crafted web content may lead to an unexpected process crash due to a use-after-free issue (bsc#1254179).
 - CVE-2025-43440: processing maliciously crafted web content may lead to an unexpected process crash due to missing checks (bsc#1254177).
 - CVE-2025-43443: processing maliciously crafted web content may lead to an unexpected process crash due to missing checks (bsc#1254176).
 - CVE-2025-43458: processing maliciously crafted web content may lead to an unexpected process crash due to issues with state management (bsc#1254498).
 - CVE-2025-43501: processing maliciously crafted web content may lead to an unexpected process crash due to a buffer overflow issue (bsc#1255194).
 - CVE-2025-43529: processing maliciously crafted web content may lead to arbitrary code execution due to a use-after-free issue (bsc#1255198).
 - CVE-2025-43531: processing maliciously crafted web content may lead to an unexpected process crash due to a race condition (bsc#1255183).
 - CVE-2025-43535: processing maliciously crafted web content may lead to an unexpected process crash due to improper memory handling (bsc#1255195).
 - CVE-2025-43536: processing maliciously crafted web content may lead to an unexpected process crash due to a use-after-free issue (bsc#1255200).
 - CVE-2025-43541: processing maliciously crafted web content may lead to an unexpected process crash due to type confusion (bsc#1255191).
 - CVE-2025-66287: processing maliciously crafted web content may lead to an unexpected process crash due to improper memory handling (bsc#1254509).

 Other issues fixed and changes:

 - Version 2.50.4:
 * Correctly handle the program name passed to the sleep disabler.
 * Ensure GStreamer is initialized before using the Quirks.
 * Fix several crashes and rendering issues.

 - Version 2.50.3:
 * Fix seeking and looping of media elements that set the loop property.
 * Fix several crashes and rendering issues.

 - Version 2.50.2:
 * Prevent unsafe URI schemes from participating in media playback.
 * Make jsc_value_array_buffer_get_data() function introspectable.
 * Fix logging in to Google accounts that have a WebAuthn second factor configured.
 * Fix loading webkit://gpu when there are no threads configured for GPU rendering.
 * Fix rendering gradiants that use the CSS hue interpolation method.
 * Fix pasting image data from the clipboard.
 * Fix font-family selection when the font name contains spaces.
 * Fix the build with standard C libraries that lack execinfo.h, like Musl or uClibc.
 * Fix capturing canvas snapshots in the Web Inspector.
 * Fix several crashes and rendering issues.

 - Version 2.50.1:
 * Improve text rendering performance.
 * Fix audio playback broken on instagram.
 * Fix rendering of layers with fractional transforms.
 * Fix the build with ENABLE(VIDEO) disabled.
 * Fix the build in s390x.
 * Fix several crashes and rendering issues.

 - Version 2.50.0:
 * Improved rendering performance by recording each layer once and replaying every dirty region in different worker threads.
 * Enable damage propagation to the UI process by default.
 * CSS property font-variant-emoji is now enabled by default.
 * Font synthesis properties (bold/italic) are now properly handled.
 * Ensure web view is focused on tap gesture.
 * Added new API to get the theme color of a WebKitWebView.

 - Version 2.49.90:
 * Add support for font collection / fragment identifiers.
 * Fix web process deadlock on exit.
 * Fix stuttering when playing WebP animations
 * Fix CSS animations with cubic-bezier timing function.
 * Do not start the MemoryPressureMonitor if its disabled
 * Fix several crashes and rendering issues.
 * Updated translations.

 - Version 2.48.6:
 * Fix emojis incorrectly rendered in their text variant.
 * Add support for font collection / fragment identifiers.
 * Fix web process deadlock on exit.
 * Fix stuttering when playing WebP animations.
 * Fix CSS animations with cubic-bezier timing function.
 * Do not start the MemoryPressureMonitor if it's disabled.
 * Fix several crashes and rendering issues.

 - Fix a11y regression where AT-SPI roles were mapped incorrectly.
 - Disable skia on ppc64le.

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1250439

https://bugzilla.suse.com/1250440

https://bugzilla.suse.com/1250441

https://bugzilla.suse.com/1250442

https://bugzilla.suse.com/1251975

https://bugzilla.suse.com/1254164

https://bugzilla.suse.com/1254165

https://bugzilla.suse.com/1254166

https://bugzilla.suse.com/1254167

https://bugzilla.suse.com/1254168

https://bugzilla.suse.com/1254169

https://bugzilla.suse.com/1254170

https://bugzilla.suse.com/1254171

https://bugzilla.suse.com/1254172

https://bugzilla.suse.com/1254174

https://bugzilla.suse.com/1254175

https://bugzilla.suse.com/1254176

https://bugzilla.suse.com/1254177

https://bugzilla.suse.com/1254179

https://bugzilla.suse.com/1254208

https://bugzilla.suse.com/1254473

https://bugzilla.suse.com/1254498

https://bugzilla.suse.com/1254509

https://bugzilla.suse.com/1255183

https://bugzilla.suse.com/1255191

https://bugzilla.suse.com/1255194

https://bugzilla.suse.com/1255195

https://bugzilla.suse.com/1255198

https://bugzilla.suse.com/1255200

https://bugzilla.suse.com/1255497

https://www.suse.com/security/cve/CVE-2023-43000

https://www.suse.com/security/cve/CVE-2025-13502

https://www.suse.com/security/cve/CVE-2025-13947

https://www.suse.com/security/cve/CVE-2025-14174

https://www.suse.com/security/cve/CVE-2025-43272

https://www.suse.com/security/cve/CVE-2025-43342

https://www.suse.com/security/cve/CVE-2025-43343

https://www.suse.com/security/cve/CVE-2025-43356

https://www.suse.com/security/cve/CVE-2025-43368

https://www.suse.com/security/cve/CVE-2025-43392

https://www.suse.com/security/cve/CVE-2025-43419

https://www.suse.com/security/cve/CVE-2025-43421

https://www.suse.com/security/cve/CVE-2025-43425

https://www.suse.com/security/cve/CVE-2025-43427

https://www.suse.com/security/cve/CVE-2025-43429

https://www.suse.com/security/cve/CVE-2025-43430

https://www.suse.com/security/cve/CVE-2025-43431

https://www.suse.com/security/cve/CVE-2025-43432

https://www.suse.com/security/cve/CVE-2025-43434

https://www.suse.com/security/cve/CVE-2025-43440

https://www.suse.com/security/cve/CVE-2025-43443

https://www.suse.com/security/cve/CVE-2025-43458

https://www.suse.com/security/cve/CVE-2025-43480

https://www.suse.com/security/cve/CVE-2025-43501

https://www.suse.com/security/cve/CVE-2025-43529

https://www.suse.com/security/cve/CVE-2025-43531

https://www.suse.com/security/cve/CVE-2025-43535

https://www.suse.com/security/cve/CVE-2025-43536

https://www.suse.com/security/cve/CVE-2025-43541

https://www.suse.com/security/cve/CVE-2025-66287

Plugin Details

Severity: Critical

ID: 294939

File Name: openSUSE-2026-20065-1.nasl

Version: 1.1

Type: local

Agent: unix

Published: 1/22/2026

Updated: 1/22/2026

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2025-66287

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

CVSS Score Source: CVE-2025-43343

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:webkit-jsc-6.0, p-cpe:/a:novell:opensuse:webkit2gtk4-minibrowser, p-cpe:/a:novell:opensuse:typelib-1_0-javascriptcore-4_0, p-cpe:/a:novell:opensuse:webkit2gtk-4_1-injected-bundles, p-cpe:/a:novell:opensuse:webkitgtk-4.0-lang, p-cpe:/a:novell:opensuse:typelib-1_0-webkit2webextension-4_0, p-cpe:/a:novell:opensuse:typelib-1_0-webkit2-4_0, p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37, p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18, p-cpe:/a:novell:opensuse:libwebkit2gtk-4_1-0, p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles, p-cpe:/a:novell:opensuse:webkitgtk-6_0-injected-bundles, p-cpe:/a:novell:opensuse:webkit2gtk3-soup2-devel, cpe:/o:novell:opensuse:16.0, p-cpe:/a:novell:opensuse:webkit2gtk3-soup2-minibrowser, p-cpe:/a:novell:opensuse:typelib-1_0-webkit2webextension-4_1, p-cpe:/a:novell:opensuse:webkitgtk-4.1-lang, p-cpe:/a:novell:opensuse:webkit-jsc-4.1, p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_1-0, p-cpe:/a:novell:opensuse:webkit2gtk3-devel, p-cpe:/a:novell:opensuse:typelib-1_0-webkit2-4_1, p-cpe:/a:novell:opensuse:libjavascriptcoregtk-6_0-1, p-cpe:/a:novell:opensuse:libwebkitgtk-6_0-4, p-cpe:/a:novell:opensuse:typelib-1_0-javascriptcore-6_0, p-cpe:/a:novell:opensuse:typelib-1_0-javascriptcore-4_1, p-cpe:/a:novell:opensuse:typelib-1_0-webkit-6_0, p-cpe:/a:novell:opensuse:webkit-jsc-4, p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser, p-cpe:/a:novell:opensuse:webkit2gtk4-devel, p-cpe:/a:novell:opensuse:webkitgtk-6.0-lang, p-cpe:/a:novell:opensuse:typelib-1_0-webkitwebprocessextension-6_0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/20/2026

Vulnerability Publication Date: 1/22/2024

CISA Known Exploited Vulnerability Due Dates: 1/2/2026, 1/5/2026

Reference Information

CVE: CVE-2023-43000, CVE-2025-13502, CVE-2025-13947, CVE-2025-14174, CVE-2025-43272, CVE-2025-43342, CVE-2025-43343, CVE-2025-43356, CVE-2025-43368, CVE-2025-43392, CVE-2025-43419, CVE-2025-43421, CVE-2025-43425, CVE-2025-43427, CVE-2025-43429, CVE-2025-43430, CVE-2025-43431, CVE-2025-43432, CVE-2025-43434, CVE-2025-43440, CVE-2025-43443, CVE-2025-43458, CVE-2025-43480, CVE-2025-43501, CVE-2025-43529, CVE-2025-43531, CVE-2025-43535, CVE-2025-43536, CVE-2025-43541, CVE-2025-66287