Debian dla-4276 : gir1.2-javascriptcoregtk-4.0 - security update

🗓️ 20 Aug 2025 00:00:00Reported by TenableType

Debian LTS DLA-4276: webkit2gtk 2.48.5-1~deb11u1 security update for multiple CVEs.

Reporter	Title	Published	Views	Family All 426
Tenable Nessus	Amazon Linux 2 : webkitgtk4 (ALAS-2025-2970)	19 Aug 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : webkit2gtk3 (ALSA-2025:13780)	14 Aug 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : webkit2gtk3 (ALSA-2025:13782)	14 Aug 202500:00	–	nessus
Tenable Nessus	Apple TV < 18.6 Multiple Vulnerabilities (124153)	13 Aug 202500:00	–	nessus
Tenable Nessus	Apple iOS < 18.6 Multiple Vulnerabilities (124147)	30 Jul 202500:00	–	nessus
Tenable Nessus	Debian dsa-5963 : chromium - security update	17 Jul 202500:00	–	nessus
Tenable Nessus	Debian dsa-5978 : gir1.2-javascriptcoregtk-4.0 - security update	18 Aug 202500:00	–	nessus
Tenable Nessus	Fedora 41 : chromium (2025-3c3f7d86db)	20 Jul 202500:00	–	nessus
Tenable Nessus	Fedora 42 : webkitgtk (2025-61ca72f430)	7 Aug 202500:00	–	nessus
Tenable Nessus	Fedora 41 : webkitgtk (2025-9b8165a4b3)	25 Aug 202500:00	–	nessus

Source	Link
security-tracker	www.security-tracker.debian.org/tracker/source-package/webkit2gtk
security-tracker	www.security-tracker.debian.org/tracker/CVE-2025-31273
security-tracker	www.security-tracker.debian.org/tracker/CVE-2025-31278
security-tracker	www.security-tracker.debian.org/tracker/CVE-2025-43211
security-tracker	www.security-tracker.debian.org/tracker/CVE-2025-43212
security-tracker	www.security-tracker.debian.org/tracker/CVE-2025-43216
security-tracker	www.security-tracker.debian.org/tracker/CVE-2025-43227
security-tracker	www.security-tracker.debian.org/tracker/CVE-2025-43228
security-tracker	www.security-tracker.debian.org/tracker/CVE-2025-43240
security-tracker	www.security-tracker.debian.org/tracker/CVE-2025-43265

#%NASL_MIN_LEVEL 80900
#
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory dla-4276. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('compat.inc');

if (description)
{
  script_id(252959);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/08/20");

  script_cve_id(
    "CVE-2025-6558",
    "CVE-2025-31273",
    "CVE-2025-31278",
    "CVE-2025-43211",
    "CVE-2025-43212",
    "CVE-2025-43216",
    "CVE-2025-43227",
    "CVE-2025-43228",
    "CVE-2025-43240",
    "CVE-2025-43265"
  );
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2025/08/12");

  script_name(english:"Debian dla-4276 : gir1.2-javascriptcoregtk-4.0 - security update");

  script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing one or more security-related updates.");
  script_set_attribute(attribute:"description", value:
"The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the
dla-4276 advisory.

    - -------------------------------------------------------------------------
    Debian LTS Advisory DLA-4276-1                [email protected]
    https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
    August 20, 2025                               https://wiki.debian.org/LTS
    - -------------------------------------------------------------------------

    Package        : webkit2gtk
    Version        : 2.48.5-1~deb11u1
    CVE ID         : CVE-2025-6558 CVE-2025-31273 CVE-2025-31278 CVE-2025-43211
                     CVE-2025-43212 CVE-2025-43216 CVE-2025-43227 CVE-2025-43228
                     CVE-2025-43240 CVE-2025-43265

    The following vulnerabilities have been discovered in the WebKitGTK
    web engine:

    CVE-2025-6558

        Clement Lecigne and Vlad Stolyarov discovered that processing
        maliciously crafted web content may lead to an unexpected crash.

    CVE-2025-31273

        Yuhao Hu, Yan Kang, Chenggang Wu, and Xiaojie Wei discovered that
        processing maliciously crafted web content may lead to memory
        corruption.

    CVE-2025-31278

        Yuhao Hu, Yan Kang, Chenggang Wu, and Xiaojie Wei discovered that
        processing maliciously crafted web content may lead to memory
        corruption.

    CVE-2025-43211

        Yuhao Hu, Yan Kang, Chenggang Wu, and Xiaojie Wei discovered that
        processing web content may lead to a denial-of-service.

    CVE-2025-43212

        Nan Wang and Ziling Chen discovered that processing maliciously
        crafted web content may lead to an unexpected crash.

    CVE-2025-43216

        Ignacio Sanmillan discovered that processing maliciously crafted
        web content may lead to an unexpected crash.

    CVE-2025-43227

        Gilad Moav discovered that processing maliciously crafted web
        content may disclose sensitive user information.

    CVE-2025-43228

        Jaydev Ahire discovered that visiting a malicious website may lead
        to address bar spoofing.

    CVE-2025-43240

        Syarif Muhammad Sajjad discovered that a download's origin may be
        incorrectly associated.

    CVE-2025-43265

        HexRabbit discovered that processing maliciously crafted web
        content may disclose internal states of the app.

    For Debian 11 bullseye, these problems have been fixed in version
    2.48.5-1~deb11u1.

    We recommend that you upgrade your webkit2gtk packages.

    For the detailed security status of webkit2gtk please refer to
    its security tracker page at:
    https://security-tracker.debian.org/tracker/webkit2gtk

    Further information about Debian LTS security advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/webkit2gtk");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2025-31273");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2025-31278");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2025-43211");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2025-43212");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2025-43216");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2025-43227");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2025-43228");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2025-43240");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2025-43265");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2025-6558");
  script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/bullseye/webkit2gtk");
  script_set_attribute(attribute:"solution", value:
"Upgrade the gir1.2-javascriptcoregtk-4.0 packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-6558");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/07/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/08/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/08/20");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:gir1.2-javascriptcoregtk-4.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:gir1.2-webkit2-4.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libjavascriptcoregtk-4.0-18");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libjavascriptcoregtk-4.0-bin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libjavascriptcoregtk-4.0-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwebkit2gtk-4.0-37");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwebkit2gtk-4.0-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwebkit2gtk-4.0-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:webkit2gtk-driver");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:11.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Debian Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);

var debian_release = get_kb_item('Host/Debian/release');
if ( isnull(debian_release) ) audit(AUDIT_OS_NOT, 'Debian');
debian_release = chomp(debian_release);
if (! preg(pattern:"^(11)\.[0-9]+", string:debian_release)) audit(AUDIT_OS_NOT, 'Debian 11.0', 'Debian ' + debian_release);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);

var pkgs = [
    {'release': '11.0', 'prefix': 'gir1.2-javascriptcoregtk-4.0', 'reference': '2.48.5-1~deb11u1'},
    {'release': '11.0', 'prefix': 'gir1.2-webkit2-4.0', 'reference': '2.48.5-1~deb11u1'},
    {'release': '11.0', 'prefix': 'libjavascriptcoregtk-4.0-18', 'reference': '2.48.5-1~deb11u1'},
    {'release': '11.0', 'prefix': 'libjavascriptcoregtk-4.0-bin', 'reference': '2.48.5-1~deb11u1'},
    {'release': '11.0', 'prefix': 'libjavascriptcoregtk-4.0-dev', 'reference': '2.48.5-1~deb11u1'},
    {'release': '11.0', 'prefix': 'libwebkit2gtk-4.0-37', 'reference': '2.48.5-1~deb11u1'},
    {'release': '11.0', 'prefix': 'libwebkit2gtk-4.0-dev', 'reference': '2.48.5-1~deb11u1'},
    {'release': '11.0', 'prefix': 'libwebkit2gtk-4.0-doc', 'reference': '2.48.5-1~deb11u1'},
    {'release': '11.0', 'prefix': 'webkit2gtk-driver', 'reference': '2.48.5-1~deb11u1'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var _release = NULL;
  var prefix = NULL;
  var reference = NULL;
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (_release && prefix && reference) {
    if (deb_check(release:_release, prefix:prefix, reference:reference)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : deb_report_get()
  );
  exit(0);
}
else
{
  var tested = deb_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gir1.2-javascriptcoregtk-4.0 / gir1.2-webkit2-4.0 / etc');
}

20 Aug 2025 00:00Current

7High risk

Vulners AI Score7

CVSS 3.18.8

EPSS0.00934

SSVC