{
  "threat_severity" : "Moderate",
  "public_date" : "2026-04-12T18:16:30Z",
  "bugzilla" : {
    "description" : "libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling",
    "id" : "2457687",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2457687"
  },
  "cvss3" : {
    "cvss3_base_score" : "4.0",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
    "status" : "verified"
  },
  "cwe" : "CWE-190",
  "details" : [ "In libexif through 0.6.25, an unsigned 32-bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32-bit systems.", "A flaw was found in libexif. A local attacker on a 32-bit system could exploit an unsigned 32-bit integer overflow vulnerability in the Nikon MakerNote handling. This could lead to application crashes or the disclosure of sensitive information." ],
  "statement" : "This Moderate impact vulnerability in libexif affects 32-bit systems. A local attacker could trigger an integer overflow in the Nikon MakerNote handling, potentially leading to application crashes or information disclosure.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
    "release_date" : "2026-06-17T00:00:00Z",
    "advisory" : "RHSA-2026:26567",
    "cpe" : "cpe:/o:redhat:rhel_els:7",
    "package" : "libexif-0:0.6.22-3.el7_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2026-05-26T00:00:00Z",
    "advisory" : "RHSA-2026:20929",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "libexif-0:0.6.22-6.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
    "release_date" : "2026-06-16T00:00:00Z",
    "advisory" : "RHSA-2026:26292",
    "cpe" : "cpe:/a:redhat:rhel_aus:8.4",
    "package" : "libexif-0:0.6.22-5.el8_4.1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
    "release_date" : "2026-06-16T00:00:00Z",
    "advisory" : "RHSA-2026:26292",
    "cpe" : "cpe:/a:redhat:rhel_eus_long_life:8.4",
    "package" : "libexif-0:0.6.22-5.el8_4.1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
    "release_date" : "2026-06-16T00:00:00Z",
    "advisory" : "RHSA-2026:26191",
    "cpe" : "cpe:/a:redhat:rhel_aus:8.6",
    "package" : "libexif-0:0.6.22-5.el8_6.1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
    "release_date" : "2026-06-16T00:00:00Z",
    "advisory" : "RHSA-2026:26191",
    "cpe" : "cpe:/a:redhat:rhel_eus_long_life:8.6",
    "package" : "libexif-0:0.6.22-5.el8_6.1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
    "release_date" : "2026-06-16T00:00:00Z",
    "advisory" : "RHSA-2026:26190",
    "cpe" : "cpe:/a:redhat:rhel_tus:8.8",
    "package" : "libexif-0:0.6.22-5.el8_8.1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
    "release_date" : "2026-06-16T00:00:00Z",
    "advisory" : "RHSA-2026:26190",
    "cpe" : "cpe:/a:redhat:rhel_e4s:8.8",
    "package" : "libexif-0:0.6.22-5.el8_8.1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2026-06-03T00:00:00Z",
    "advisory" : "RHSA-2026:22553",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "libexif-0:0.6.22-6.el9_8.1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
    "release_date" : "2026-06-16T00:00:00Z",
    "advisory" : "RHSA-2026:26276",
    "cpe" : "cpe:/a:redhat:rhel_e4s:9.2",
    "package" : "libexif-0:0.6.22-6.el9_2.1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions",
    "release_date" : "2026-06-16T00:00:00Z",
    "advisory" : "RHSA-2026:26192",
    "cpe" : "cpe:/a:redhat:rhel_e4s:9.4",
    "package" : "libexif-0:0.6.22-6.el9_4.1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.6 Extended Update Support",
    "release_date" : "2026-06-16T00:00:00Z",
    "advisory" : "RHSA-2026:26224",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.6",
    "package" : "libexif-0:0.6.22-6.el9_6.1"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "libexif",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "libexif",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-40385\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-40385\nhttps://github.com/libexif/libexif/commit/93003b93e50b3d259bd2227d8775b73a53c35d58" ],
  "name" : "CVE-2026-40385",
  "mitigation" : {
    "value" : "On 32-bit systems, avoid processing untrusted image files that contain Nikon MakerNotes. This operational control reduces the risk of exploitation by preventing vulnerable applications from parsing malicious EXIF data.",
    "lang" : "en:us"
  },
  "csaw" : false
}