CNNVD-202508-2064 Information
CNNVD ID
CNNVD-202508-2064
Related CVE
- CNNVD Published: 2025-08-19
Description (Chinese)
RetroArch是Libretro开源的一个 Libretro API 的参考前端。 RetroArch 1.18.0版本、1.19.0版本和1.20.0版本存在安全漏洞,该漏洞源于filestream_vscanf函数存在越界读取,可能导致本地攻击。
Description (English)
Retroarch is a reference front-end for Libretro API. There is a security loophole in Retroarch Version 1.18.0, 1.19.0 and 1.20.0, which stems from the cross-border reading of the Filestream vscanf function, which may lead to local attacks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Libretro
Published
2025-08-19
Last Modified
2026-02-24
References
https://vuldb.com/?id.320516 https://vuldb.com/?submit.617657 https://vuldb.com/?ctiid.320516 https://github.com/libretro/RetroArch/releases/tag/v1.21.0 https://github.com/libretro/RetroArch/pull/17555/commits/6446f045ec7fc6a5cac3e8ec35a2f0a5889c88e8 https://github.com/libretro/RetroArch/pull/17555#issuecomment-2651403849 https://access.redhat.com/security/cve/cve-2025-9136 https://vigilance.fr/vulnerability/libretro-out-of-bounds-memory-reading-via-filestream-vscanf-49197 https://nvd.nist.gov/vuln/detail/CVE-2025-9136
Patch
https://www.retroarch.com/?page=platforms
Share on: