libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding

A flaw was found in libexif. An integer underflow vulnerability in the size checking mechanism for Fuji and Olympus MakerNote decoding could allow attackers to exploit programs using libexif. This could lead to a Denial of Service DoS by crashing the program or result in information disclosure,...

CLSA-2026-1776791358 libexif: Fix of 3 CVEs

CVE-2026-32775: fix buffer overwrite via integer underflow in MakerNote entry value handling - CVE-2026-40385: fix unsigned 32-bit integer overflow in Nikon MakerNote handling - CVE-2026-40386: fix integer underflow in Fuji/Olympus MakerNote size checks...

CLSA-2026-1776768816 libexif: Fix of 3 CVEs

CVE-2026-32775: fix buffer overwrite via integer underflow in MakerNote entry value handling - CVE-2026-40385: fix unsigned 32-bit integer overflow in Nikon MakerNote handling - CVE-2026-40386: fix integer underflow in Fuji/Olympus MakerNote size checks...

JLSEC-2026-152 In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote...

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...

OESA-2026-1987 libexif security update

Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows you to parse an EXIF file and read the data from those tags. Security Fixes: In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon...

EUVD-2026-21734

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...

UBUNTU-CVE-2026-40386

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...

CVE-2026-40386

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...

CVE-2026-40386

CVE-2026-40386 affects libexif up to 0.6.25, with an integer underflow in size checking for Fuji and Olympus MakerNote decoding that can cause crashes and information leakage. A patched version is available (>= 0.6.24-3 per affected advisories); update to mitigate.