NuytsTech Security

CVE-2025-9809

by ·

Out-of-bounds write in cdfs_open_cue_track in libretro libretro-common latest on all platforms allows remote attackers to execute arbitrary code via a crafted .cue file with a file path exceeding PATH_MAX_LENGTH that is copied using memcpy into a fixed-size buffer.

More information : https://github.com/libretro/libretro-common/blob/master/formats/cdfs/cdfs.c#L471

Tags: