CVE-2025-49589

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-49589

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-49589.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-49589

Aliases

GHSA-f494-4xf7-xj35

Downstream

UBUNTU-CVE-2025-49589

Published

2025-06-12T21:15:21Z

Modified

2025-07-01T16:33:08.830322Z

Summary

[none]

Details

PCSX2 is a free and open-source PlayStation 2 (PS2) emulator. A stack-based buffer overflow exists in the Kprintf_HLE function of PCSX2 versions up to 2.3.414. Opening a disc image that logs a specially crafted message may allow a remote attacker to execute arbitrary code if the user enabled IOP Console Logging. This vulnerability is fixed in 2.3.414.

References

Affected packages

Debian:11 / pcsx2

Package

Name: pcsx2
Purl: pkg:deb/debian/pcsx2?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.6.0+dfsg-1

1.6.0+dfsg-2

1.6.0+dfsg-2.1

1.6.0+dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / pcsx2

Package

Name: pcsx2
Purl: pkg:deb/debian/pcsx2?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.6.0+dfsg-2

1.6.0+dfsg-2.1

1.6.0+dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / pcsx2

Package

Name: pcsx2
Purl: pkg:deb/debian/pcsx2?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.6.0+dfsg-2

1.6.0+dfsg-2.1

1.6.0+dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}