Linuxsecurity
SUSE Addresses Multiple Critical Vulnerabilities in Webkit2gtk3 and Libheif
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
SUSE has released important updates for webkit2gtk3 and libheif to address multiple vulnerabilities. The webkit2gtk3 update (version 2.52.4) fixes five CVEs, including CVE-2026-28847, which can lead to arbitrary code execution due to a heap buffer overflow. The libheif update (version 1.23.0) resolves seven CVEs, such as CVE-2026-32740, which involves a heap buffer overflow that could lead to denial of service. Both updates are critical for users relying on these libraries, as they involve processing maliciously crafted content that could crash applications or allow unauthorized access. Users are advised to apply the patches immediately to mitigate these risks.
Key Points: • SUSE patched critical vulnerabilities in webkit2gtk3 and libheif affecting multiple systems. • CVE-2026-28847 allows for arbitrary code execution via a heap buffer overflow. • Immediate patching is recommended to prevent potential exploitation of these vulnerabilities.