13 matches found
Moderate: Red Hat Security Advisory: libexif security update
An update for libexif is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RLSA-2026:22553 Moderate: libexif security update
The libexif packages provide a library for extracting extra information from image files. Security Fixes: libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling CVE-2026-40385 libexif: libexif: Denial of Service and information disclosure via integer...
RockyLinux 10 : libexif (RLSA-2026:22529)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:22529 advisory. libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding CVE-2026-40386 Tenable has extracted the preceding...
Moderate: Red Hat Security Advisory: libexif security update
An update for libexif is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
Oracle Linux 8 : libexif (ELSA-2026-20929)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-20929 advisory. - Fix integer underflow in MakerNote decoding CVE-2026-40386 Tenable has extracted the preceding description block directly from the Oracle Linux...
libexif security update
0.6.22-6 - Fix integer underflow in MakerNote decoding CVE-2026-40386 - Fix integer overflow in Nikon MakerNote handling CVE-2026-40385 Resolves: RHEL-170243, RHEL-170220...
[SECURITY] [DLA 4558-1] libexif security update
Debian LTS Advisory DLA-4558-1 [email protected] https://www.debian.org/lts/security/ Emmanuel Arias May 01, 2026 https://wiki.debian.org/LTS Package : libexif Version : 0.6.22-3+deb11u1 CVE ID : CVE-2026-32775 CVE-2026-40385 CVE-2026-40386 Debian Bug : 1131116 1133922 1133923 Three...
Fedora 42 : libexif (2026-b01307dc4d)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b01307dc4d advisory. Update to 0.6.26, fixing several CVEs https://github.com/libexif/libexif/releases/tag/v0.6.26 Tenable has extracted the preceding description block...
Fedora 44 : libexif (2026-fd361a6f7f)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-fd361a6f7f advisory. Update to 0.6.26, fixing several CVEs https://github.com/libexif/libexif/releases/tag/v0.6.26 Tenable has extracted the preceding description block...
[slackware-security] libexif
New libexif packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libexif-0.6.26-i586-1slack15.0.txz: Upgraded. This update fixes security issues: An unsigned integer underflow in Fuji and Olympus...
In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs.
...
CVE-2026-40386
CVE-2026-40386 affects libexif up to 0.6.25, with an integer underflow in size checking for Fuji and Olympus MakerNote decoding that can cause crashes and information leakage. A patched version is available (>= 0.6.24-3 per affected advisories); update to mitigate.
Linux Distros Unpatched Vulnerability : CVE-2026-40386
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information...