CVE-2025-49091 Common Vulnerabilities and Exposures

Upstream information

CVE-2025-49091 at MITRE

Description

KDE Konsole before 25.04.2 allows remote code execution in a certain scenario. It supports loading URLs from the scheme handlers such as a ssh:// or telnet:// or rlogin:// URL. This can be executed regardless of whether the ssh, telnet, or rlogin binary is available. In this mode, there is a code path where if that binary is not available, Konsole falls back to using /bin/bash for the given arguments (i.e., the URL) provided. This allows an attacker to execute arbitrary code.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having important severity.

CVSS v3 Scores
	CNA (MITRE)
Base Score	8.2
Vector	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L
Attack Vector	Network
Attack Complexity	High
Privileges Required	None
User Interaction	Required
Scope	Changed
Confidentiality Impact	High
Integrity Impact	High
Availability Impact	Low
CVSSv3 Version	3.1

SUSE Bugzilla entry: 1244569 [RESOLVED / FIXED]

SUSE Security Advisories:

RHSA-2025:12346, published Mon Aug 4 15:07:13 UTC 2025

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Liberty Linux 7 LTSS	`konsole >= 4.10.5-5.el7_9.1` `konsole-part >= 4.10.5-5.el7_9.1`	Patchnames: RHSA-2025:12346
SUSE Package Hub 15 SP6	`konsole >= 23.08.5-bp156.2.3.1` `konsole-part >= 23.08.5-bp156.2.3.1` `konsole-part-lang >= 23.08.5-bp156.2.3.1` `konsole-zsh-completion >= 23.08.5-bp156.2.3.1`	Patchnames: openSUSE-2025-206
openSUSE Leap 15.6	`konsole >= 23.08.5-bp156.2.3.1` `konsole-part >= 23.08.5-bp156.2.3.1` `konsole-part-lang >= 23.08.5-bp156.2.3.1` `konsole-zsh-completion >= 23.08.5-bp156.2.3.1`	Patchnames: openSUSE-2025-206

SUSE Timeline for this CVE

CVE page created: Tue Jun 10 21:00:01 2025
CVE page last modified: Thu Aug 14 18:25:46 2025