In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs.
{ "binaries": [ { "binary_name": "libexif12", "binary_version": "0.6.21-2ubuntu0.6" } ] }
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-40386.json"
{ "binaries": [ { "binary_name": "libexif12", "binary_version": "0.6.21-4ubuntu0.6" } ] }
{ "binaries": [ { "binary_name": "libexif12", "binary_version": "0.6.21-6ubuntu0.4" } ] }
{ "binaries": [ { "binary_name": "libexif12", "binary_version": "0.6.24-1build1" } ] }
{ "binaries": [ { "binary_name": "libexif12", "binary_version": "0.6.24-1build2" } ] }
{ "binaries": [ { "binary_name": "libexif12", "binary_version": "0.6.25-1" } ] }
{ "binaries": [ { "binary_name": "libexif12", "binary_version": "0.6.25-2" } ] }
{ "binaries": [ { "binary_name": "libexif12", "binary_version": "0.6.21-1ubuntu1+esm6" } ] }