CVE-2026-40386

NameCVE-2026-40386
DescriptionIn libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs.
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-4558-1
Debian Bugs1133923

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libexif (PTS)bullseye0.6.22-3vulnerable
bullseye (security)0.6.22-3+deb11u1fixed
bookworm0.6.24-1vulnerable
trixie0.6.25-1vulnerable
forky, sid0.6.26-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libexifsourcebullseye0.6.22-3+deb11u1DLA-4558-1
libexifsource(unstable)0.6.26-11133923

Notes

[trixie] - libexif <no-dsa> (Minor issue)
[bookworm] - libexif <no-dsa> (Minor issue)
Fixed by: https://github.com/libexif/libexif/commit/dc6eac6e9655d14d0779d99e82d0f5f442d2f34b
Search for package or bug name: Reporting problems