PT-2026-33529 · Unknown · Libgphoto2

Published 2026-04-17 · Updated 2026-04-25 · CVE-2026-40335

CVSS v3.1: 5.2 (Medium)

Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

Name of the Vulnerable Software and Affected Versions

libgphoto2 versions prior to 2.5.34

Description

An out-of-bounds read exists in the ptp_unpack_DPV() function within camlibs/ptp2/ptp-pack.c. The issue occurs during the handling of UINT128 and INT128 cases, where the *offset variable is advanced by 16 bytes without verifying that sufficient space remains in the buffer. The existing check only ensures that at least one byte is available, potentially leaving up to 15 bytes unvalidated.

Recommendations

Update to version 2.5.34 or later.
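
The gap between a one-byte availability check and a 16-byte advance, as described above, shown in an added C example that is not libgphoto2's code. The names `weak_check`, `strict_check`, `unpack_int128` and the 19-byte sample buffer are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define INT128_SIZE 16u /* bytes a UINT128/INT128 value occupies */

/* Check as the advisory describes it: proves only that one byte remains. */
static int weak_check(size_t offset, size_t total)
{
    return offset < total;
}

/* Hardened check: the whole 16-byte field must lie inside the buffer.
 * Written as a subtraction so that offset + 16 can never wrap around. */
static int strict_check(size_t offset, size_t total)
{
    return offset <= total && total - offset >= INT128_SIZE;
}

/* Hypothetical unpacker: copies one 128-bit value and advances *offset only
 * after the strict check passes. Returns 1 on success, 0 on short data. */
static int unpack_int128(const uint8_t *data, size_t *offset, size_t total,
                         uint8_t out[INT128_SIZE])
{
    if (!strict_check(*offset, total))
        return 0;
    memcpy(out, data + *offset, INT128_SIZE);
    *offset += INT128_SIZE;
    return 1;
}

/* Counts the remaining-byte lengths (0..16) that the weak check accepts
 * although a 16-byte read would run past the end of the buffer. */
static unsigned unvalidated_lengths(void)
{
    unsigned n = 0;
    for (size_t remaining = 0; remaining <= INT128_SIZE; remaining++)
        if (weak_check(4, 4 + remaining) && !strict_check(4, 4 + remaining))
            n++;
    return n;
}

int main(void)
{
    uint8_t buf[19] = {0}, out[INT128_SIZE]; /* constructed: 4-byte header + 15 bytes */
    size_t offset = 4;
    printf("lengths passing weak check only: %u\n", unvalidated_lengths());
    printf("truncated unpack: %d\n", unpack_int128(buf, &offset, sizeof buf, out));
}
```
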

Fix

Out of bounds Read

Weakness Enumeration

Related Identifiers

CVE-2026-40335
OESA-2026-2067
OESA-2026-2068
OESA-2026-2069
OESA-2026-2070
OESA-2026-2071

Affected Products

Libgphoto2