{"id":"MGASA-2026-0112","summary":"Updated libexif packages fix security vulnerabilities","details":"CVE-2026-32775: libexif through 0.6.25 has a flaw in decoding\nMakerNotes. If the exif_mnote_data_get_value function gets passed in a 0\nsize, the passed-in buffer would be overwritten due to an integer\nunderflow.\nCVE-2026-40385: In libexif through 0.6.25, an unsigned 32-bit integer\noverflow in Nikon MakerNote handling could be used by local attackers to\ncause crashes or information leaks. This only affects 32-bit systems.\nCVE-2026-40386: In libexif through 0.6.25, an integer underflow in size\nchecking for Fuji and Olympus MakerNote decoding could be used by\nattackers to crash or leak information out of libexif-using programs.\n","modified":"2026-05-07T05:15:39.239151Z","published":"2026-05-07T05:06:13Z","upstream":["CVE-2026-32775","CVE-2026-40385","CVE-2026-40386"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2026-0112.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=35368"},{"type":"WEB","url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2026&m=slackware-security.368011"}],"affected":[{"package":{"name":"libexif","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/libexif?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.6.26-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2026-0112.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}