Source: konsole Version: 4:25.04.0-1 Severity: grave Tags: security upstream Justification: user security hole X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org> Control: close -1 4:25.04.0-2 Control: found -1 4:22.12.3-1
Hi, The following vulnerability was published for konsole. CVE-2025-49091[0]: | KDE Konsole before 25.04.2 allows remote code execution in a certain | scenario. It supports loading URLs from the scheme handlers such as | a ssh:// or telnet:// or rlogin:// URL. This can be executed | regardless of whether the ssh, telnet, or rlogin binary is | available. In this mode, there is a code path where if that binary | is not available, Konsole falls back to using /bin/bash for the | given arguments (i.e., the URL) provided. This allows an attacker to | execute arbitrary code. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2025-49091 https://www.cve.org/CVERecord?id=CVE-2025-49091 [1] https://www.openwall.com/lists/oss-security/2025/06/10/5 [2] https://kde.org/info/security/advisory-20250609-1.txt [3] https://invent.kde.org/utilities/konsole/-/commit/09d20dea109050b4c02fb73095f327b5642a2b75 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
