Description:
CVE-2026-32775: libexif through 0.6.25 has a flaw in decoding
MakerNotes. If the exif_mnote_data_get_value function is passed a size
of 0, the passed-in buffer would be overwritten due to an integer
underflow.
CVE-2026-40385: In libexif through 0.6.25, an unsigned 32-bit integer
overflow in Nikon MakerNote handling could be used by local attackers to
cause crashes or information leaks. This only affects 32-bit systems.
CVE-2026-40386: In libexif through 0.6.25, an integer underflow in size
checking for Fuji and Olympus MakerNote decoding could be used by
attackers to crash or leak information out of libexif-using programs.
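The two bug classes named in these descriptions (a wrapping 32-bit bounds check, and a size of 0 underflowing to a huge copy limit) are shown below as an added example beside their hardened forms. This is not libexif's code or its fix: all function names are hypothetical, and `uint32_t` stands in for the size type on a 32-bit system.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helpers showing the bug classes; not libexif code. */

/* 'Before' form: offset + len wraps modulo 2^32, so a huge offset passes. */
int in_bounds_naive(uint32_t offset, uint32_t len, uint32_t buf_size)
{
    return offset + len <= buf_size;
}

/* Overflow-safe form: only subtracts after proving offset <= buf_size. */
int in_bounds_safe(uint32_t offset, uint32_t len, uint32_t buf_size)
{
    return offset <= buf_size && len <= buf_size - offset;
}

/* 'Before' form: with maxlen == 0 the copy limit becomes UINT32_MAX. */
uint32_t copy_cap_naive(uint32_t maxlen)
{
    return maxlen - 1;
}

/* Copies src into val (maxlen bytes, NUL included). Returns the number of
 * characters written, or -1 when there is no room for even the NUL. */
int get_value_safe(const char *src, char *val, uint32_t maxlen)
{
    size_t n;
    if (src == NULL || val == NULL || maxlen == 0)
        return -1;                  /* reject before computing maxlen - 1 */
    n = strlen(src);
    if (n > (size_t)maxlen - 1)
        n = (size_t)maxlen - 1;     /* truncate to the caller's buffer */
    memcpy(val, src, n);
    val[n] = '\0';
    return (int)n;
}

int main(void)
{
    char buf[4];                    /* constructed sample input below */
    printf("naive=%d safe=%d\n", in_bounds_naive(0xFFFFFFF0u, 0x20u, 64),
           in_bounds_safe(0xFFFFFFF0u, 0x20u, 64));
    printf("cap(0)=%u\n", (unsigned)copy_cap_naive(0));
    printf("zero-size=%d\n", get_value_safe("Nikon", buf, 0));
    printf("fit=%d\n", get_value_safe("Nikon", buf, sizeof buf));
    return 0;
}
```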
- https://bugs.mageia.org/show_bug.cgi?id=35368
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2026&m=slackware-security.368011
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32775
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40385
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40386
- 9/core/libexif-0.6.26-1.mga9