Ubuntu Security Notices USN-8166-1 USN-8166-1: RetroArch vulnerability Publication date 12 April 2026 Overview RetroArch could be made to crash or run programs as your login if it opened a specially crafted file. Releases 25.10 24.04 LTS Open side navigation Close side navigation Packages Details Update instructions References Packages retroarch - A frontend for emulators, game engines and media players Details It was discovered that RetroArch did not correctly handle certain memory operations, which could lead to a buffer overflow. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 25.10. It was discovered that RetroArch did not correctly handle certain memory operations, which could lead to a buffer overflow. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 25.10. Update instructions In general, a standard system update will make all the necessary changes. Learn more about how to get the fixes. The problem can be corrected by updating your system to the following package versions: Ubuntu Release Package Version 25.10 questing retroarch – 1.20.0+dfsg-3ubuntu0.1 retroarch-dev – 1.20.0+dfsg-3ubuntu0.1 24.04 LTS noble retroarch – 1.18.0+dfsg-1ubuntu0.1~esm1 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. retroarch-dev – 1.18.0+dfsg-1ubuntu0.1~esm1 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. Reduce your security exposure Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines. Get Ubuntu Pro References CVE-2025-9809 CVE-2025-9809