CVE-2026-40338

CVSS v3.1

5.2

Medium

Vector

AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

Name of the Vulnerable Software and Affected Versions libgphoto2 versions prior to 2.5.34

Description An out-of-bounds read exists in the PTP DPFF Enumeration case of the ptp unpack Sony DPD() function within camlibs/ptp2/ptp-pack.c. The function reads a 2-byte enumeration count N via dtoh16o(data, *poffset) without verifying if 2 bytes remain in the buffer.

Recommendations Update to version 2.5.34 or later.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2026-40338

OESA-2026-2067

OESA-2026-2068

OESA-2026-2069

OESA-2026-2070

OESA-2026-2071

Affected Products

Libgphoto2

CVE-2026-40338

Weakness Enumeration

Related Identifiers

Affected Products

References · 25