PT-2026-33537 · Unknown · Libgphoto2
Published
2026-04-17
·
Updated
2026-04-25
·
CVE-2026-40339
CVSS v3.1
5.2
Medium
| Vector | AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
libgphoto2 versions prior to 2.5.34
Description
An out-of-bounds read exists in the
ptp unpack Sony DPD() function within camlibs/ptp2/ptp-pack.c. The issue occurs because the function reads the FormFlag byte using dtoh8o(data, *poffset) without performing a prior bounds check, unlike the standard ptp unpack DPD() function which validates the offset against the data length.Recommendations
Update to version 2.5.34 or later.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Libgphoto2