{"id":"CLSA-2026-1776768816","summary":"libexif: Fix of 3 CVEs","details":"- CVE-2026-32775: fix buffer overwrite via integer underflow in MakerNote\n  entry value handling\n- CVE-2026-40385: fix unsigned 32-bit integer overflow in Nikon MakerNote\n  handling\n- CVE-2026-40386: fix integer underflow in Fuji/Olympus MakerNote size\n  checks","modified":"2026-05-27T11:17:10.561958537Z","published":"2026-04-21T10:53:41Z","upstream":["CVE-2026-32775","CVE-2026-40385","CVE-2026-40386"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/almalinux9.2esu/CLSA-2026-1776768816.html"}],"affected":[{"package":{"name":"libexif","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/libexif?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.6.22-6.el9.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1776768816.json"}},{"package":{"name":"libexif-devel","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/libexif-devel?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.6.22-6.el9.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1776768816.json"}},{"package":{"name":"libexif-doc","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/libexif-doc?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.6.22-6.el9.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1776768816.json"}}],"schema_version":"1.7.5"}