libretro RetroArch Out-of-Bounds Read Vulnerability in filestream_vscanf Function

Vulnerability

An out-of-bounds read vulnerability has been identified in libretro RetroArch versions 1.18.0, 1.19.0, and 1.20.0. The issue is in the filestream_vscanf function in the file libretro-common/streams/file_stream.c. It is caused by improper handling of the return value from sscanf(), which can lead to the use of an uninitialized or attacker-controlled variable. Exploitation of this flaw requires local access.

Impact

Exploitation of this vulnerability causes an out-of-bounds read, which can lead to memory leaks, exposure of sensitive data, or application instability.

Reproduction

The vulnerability can be reproduced by crafting malicious format strings that are passed to the filestream_vscanf function. These format strings can manipulate the sublen variable, which is used to control a buffer iterator, leading to out-of-bounds memory access.
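
The general C pattern behind this class of bug, as an added example (not RetroArch's code and not the 1.21.0 patch): a scanner that advances a buffer iterator by the %n offset from sscanf() has to confirm that %n was actually stored and that the offset stays inside the buffer. The names skip_int_field and count_int_fields and the sample strings are assumptions made for illustration.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical helper, not a RetroArch function: skip one integer field at
 * *cursor with a suppressed conversion and advance past it.
 * Returns 1 if the cursor moved, 0 if nothing matched or the offset
 * reported by %n would leave the buffer. */
int skip_int_field(const char **cursor, const char *end)
{
   /* Sentinel: sscanf() stores %n only if it gets that far. */
   int consumed = -1;
   int v        = sscanf(*cursor, "%*d%n", &consumed);

   /* "%*d%n" returns 0 on success and on a matching failure alike, since
    * neither a suppressed conversion nor %n counts as an assignment.
    * The weak pattern declares `int consumed;`, sees v == 0 and runs
    * `*cursor += consumed;` on a value that was never written. */
   if (v == EOF || consumed < 0)
      return 0;

   /* Bound the offset before it moves the iterator. */
   if ((ptrdiff_t)consumed > end - *cursor)
      return 0;

   *cursor += consumed;
   return 1;
}

/* Count the leading integer fields in a NUL-terminated buffer. */
int count_int_fields(const char *buf)
{
   const char *cur = buf;
   const char *end = buf + strlen(buf);
   int n           = 0;

   while (skip_int_field(&cur, end))
      n++;
   return n;
}

int main(void)
{
   /* Constructed sample input: three integers, then a non-matching token. */
   printf("%d\n", count_int_fields("10 20 30 abc"));
   return 0;
}
```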

Remediation

Users are advised to upgrade to libretro RetroArch version 1.21.0, which addresses this vulnerability.

Added: Aug 19, 2025, 12:17 PM
Updated: Aug 19, 2025, 2:25 PM

Vulnerability Rating

Custom Algorithm

spread: 6.6
impact: 0.6
exploitability: 4.3
remediation: 7.7
relevance: 0.4
threat: 4.8
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.