Skip to main content

Red Hat EUVDEUVD-2026-21732

| CVE-2026-40385 MEDIUM
Integer Overflow or Wraparound (CWE-190)
2026-04-12 mitre GHSA-j9xr-5c85-xjhm
4.0
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.0 MEDIUM
AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
SUSE
7.1 HIGH
AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
Red Hat
4.0 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
Attack Vector
Local
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
Low

Lifecycle Timeline

5
Patch released
Apr 19, 2026 - 08:30 nvd
Patch available
Analysis Generated
Apr 12, 2026 - 18:54 vuln.today
EUVD ID Assigned
Apr 12, 2026 - 18:45 euvd
EUVD-2026-21732
Analysis Generated
Apr 12, 2026 - 18:45 vuln.today
CVE Published
Apr 12, 2026 - 18:16 nvd
MEDIUM 4.0

DescriptionCVE.org

In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems.

AnalysisAI

Integer overflow in libexif through 0.6.25 Nikon MakerNote handling allows local attackers on 32-bit systems to trigger crashes or read sensitive memory, requiring high attack complexity and no user interaction. This affects only 32-bit architectures due to the integer arithmetic involved; EPSS probability is low given the local-only attack vector and high complexity prerequisite, but patch availability is currently unconfirmed.

Technical ContextAI

libexif is a widely-used C library for parsing EXIF metadata embedded in image files. The vulnerability resides in the Nikon MakerNote parser, a Nikon-proprietary extension to EXIF that stores camera-specific metadata. An unsigned 32-bit integer overflow in this parser (CWE-190: Integer Overflow or Wraparound) occurs when processing specially crafted Nikon MakerNote data structures. On 32-bit systems, when unsigned integer arithmetic wraps around due to insufficient bounds checking, it can cause heap or stack buffer overflows, leading to memory corruption. The condition is limited to 32-bit platforms because 64-bit systems have a larger address space that may prevent the same overflow condition from producing exploitable memory layouts.

RemediationAI

Upgrade libexif to a patched version beyond 0.6.25 (exact patched version not independently confirmed from available references, but upstream fix is available at GitHub commit 93003b93e50b3d259bd2227d8775b73a53c35d58). Verify availability of a stable release incorporating this fix from the libexif project repository (https://github.com/libexif/libexif). For systems unable to upgrade immediately, restrict processing of EXIF metadata from untrusted image sources and consider sandboxing image parsing operations. Prioritize 32-bit deployments; 64-bit systems face significantly lower risk.

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Desktop Applications 15 SP7 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP7 Fixed
SUSE Linux Enterprise Server 15 SP7 Fixed

Share

EUVD-2026-21732 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy