Home / mailings [USN-8166-1] RetroArch vulnerability
Posted on 13 April 2026
Ubuntu Security==========================================================================Ubuntu Security Notice USN-8166-1
April 12, 2026
retroarch vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 24.04 LTS
Summary:
RetroArch could be made to crash or run programs as your login if it opened
a specially crafted file.
Software Description:
- retroarch: A frontend for emulators, game engines and media players
Details:
It was discovered that RetroArch did not correctly handle certain memory
operations, which could lead to a buffer overflow. If a user or automated
system were tricked into opening a specially crafted file, an attacker
could possibly use this issue to cause a denial of service or execute
arbitrary code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 25.10.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
retroarch 1.20.0+dfsg-3ubuntu0.1
retroarch-dev 1.20.0+dfsg-3ubuntu0.1
Ubuntu 24.04 LTS
retroarch 1.18.0+dfsg-1ubuntu0.1~esm1
Available with Ubuntu Pro
retroarch-dev 1.18.0+dfsg-1ubuntu0.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8166-1
CVE-2025-9809
Package Information:
https://launchpad.net/ubuntu/+source/retroarch/1.20.0+dfsg-3ubuntu0.1
--===============8474250347720433336==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
