From Salvatore Bonaccorso@21:1/5 to All on Wed Jun 11 20:40:01 2025
Source: konsole
Version: 4:25.04.0-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Control: close -1 4:25.04.0-2
Control: found -1 4:22.12.3-1
Hi,
The following vulnerability was published for konsole.
CVE-2025-49091[0]:
| KDE Konsole before 25.04.2 allows remote code execution in a certain
| scenario. It supports loading URLs from the scheme handlers such as
| a ssh:// or telnet:// or rlogin:// URL. This can be executed
| regardless of whether the ssh, telnet, or rlogin binary is
| available. In this mode, there is a code path where if that binary
| is not available, Konsole falls back to using /bin/bash for the
| given arguments (i.e., the URL) provided. This allows an attacker to
| execute arbitrary code.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.