Out-of-bounds Write Vulnerability in libretro-common by Libretro
CVE-2025-9809

8.4HIGH

Key Information:

Vendor: Libretro
Status: Libretro-common
Vendor: CVE Published:; 1 September 2025

What is CVE-2025-9809?

The libretro-common library from Libretro is vulnerable to an out-of-bounds write due to improper handling of .cue files. Attackers can exploit this vulnerability by crafting malicious .cue files that contain file paths exceeding the defined PATH_MAX_LENGTH. When such a file is processed, the library uses memcpy to copy the path into a fixed-size buffer, potentially allowing remote attackers to execute arbitrary code on the affected system. This vulnerability affects the latest version of libretro-common on all platforms.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

libretro-common 0

References

https://github.com/libretro/libretro-common/blob/master/f...

https://github.com/libretro/libretro-common/issues/222

CVSS V4

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Sep 1, 2025
Vulnerability Reserved
Sep 1, 2025

Credit

Simcha Kosman

JSON

Libretro

What is CVE-2025-9809?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.