Skip to main content
Skip table of contents

ISN 2025-32: Webkit Vulnerabilities

First published 12 August 2025

CVSS:3.1: 8.8 (High)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

Multiple security vulnerabilities have been found in Webkit, a web browser engine used in IGEL OS. This affects the following product versions:

  • IGEL OS 12

  • IGEL OS 11

Details

Webkit contains three vulnerabilities that may lead to memory corruption when processing maliciously crafted web content (CVE-2025-24189, CVE-2025-31273, CVE-2025-31278, all high). CVE-2025-43227, rated high, may disclose sensitive user information. Finally, malicious web content can lead to an application crash (CVE-2025-6558, high).

Google is aware that an exploit for CVE-2025-6558 exists in the wild.

Update Instructions

  • OS 12: Update to IGEL OS 12 Base system app version 12.8.1 when available from the IGEL App Portal.

  • OS 11: Update to IGEL OS version 11.11.100 when available.

References

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close