Security update for chromium SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2025:0148-1 Final 1 1 2025-05-09T08:46:23Z current 2025-05-09T08:46:23Z 2025-05-09T08:46:23Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for chromium This update for chromium fixes the following issues: Chromium 136.0.7103.92 (boo#1242717) * CVE-2025-4372: Use after free in WebAudio The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2025-148 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NMSTEGEYUKANHYKOUF4HFDK5NBX6Y4VE/ E-Mail link for openSUSE-SU-2025:0148-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1242717 SUSE Bug 1242717 https://www.suse.com/security/cve/CVE-2025-4372/ SUSE CVE CVE-2025-4372 page SUSE Package Hub 15 SP6 openSUSE Leap 15.6 chromedriver-136.0.7103.92-bp156.2.116.1 chromium-136.0.7103.92-bp156.2.116.1 chromedriver-136.0.7103.92-bp156.2.116.1 as a component of SUSE Package Hub 15 SP6 chromium-136.0.7103.92-bp156.2.116.1 as a component of SUSE Package Hub 15 SP6 chromedriver-136.0.7103.92-bp156.2.116.1 as a component of openSUSE Leap 15.6 chromium-136.0.7103.92-bp156.2.116.1 as a component of openSUSE Leap 15.6 Use after free in WebAudio in Google Chrome prior to 136.0.7103.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE-2025-4372 SUSE Package Hub 15 SP6:chromedriver-136.0.7103.92-bp156.2.116.1 SUSE Package Hub 15 SP6:chromium-136.0.7103.92-bp156.2.116.1 openSUSE Leap 15.6:chromedriver-136.0.7103.92-bp156.2.116.1 openSUSE Leap 15.6:chromium-136.0.7103.92-bp156.2.116.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NMSTEGEYUKANHYKOUF4HFDK5NBX6Y4VE/ https://www.suse.com/security/cve/CVE-2025-4372.html CVE-2025-4372 https://bugzilla.suse.com/1242717 SUSE Bug 1242717