Description
libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, an out of bound read in ptp_unpack_EOS_FocusInfoEx could be used to crash libgphoto2 when processing input from untrusted USB devices. Commit c385b34af260595dfbb5f9329526be5158985987 contains a patch. No known workarounds are available.
Published: 2026-04-17
Score: 3.5 Low
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Patch
AI Analysis

Impact

libgphoto2 contains a buffer over-read in the function ptp_unpack_EOS_FocusInfoEx that can be triggered by crafted data from an untrusted USB device, causing the library to read beyond allocated memory and crash. This results in a denial-of-service condition for any application that relies on libgphoto2, and could destabilise the host system if the crash propagates. The weakness is classified as CWE-126.
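The defensive pattern that closes this class of bug is to validate the packet length against every field before reading it. The following C program is an added illustration and is not libgphoto2's code: the record layout (a little-endian u32 entry count followed by fixed-size 8-byte entries), the function name unpack_focus_info, the MAX_ENTRIES limit and the sample packets are all constructed for this example and do not describe the real EOS FocusInfoEx format.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical layout, constructed for this example (not libgphoto2's real
 * EOS FocusInfoEx structure): u32le count, then `count` entries of two u32le
 * fields each. */
#define ENTRY_SIZE  8
#define MAX_ENTRIES 1024   /* sanity cap chosen for the example */

struct focus_entry { uint32_t a, b; };

/* Read a little-endian u32 at `off`, refusing if fewer than 4 bytes remain.
 * The check is written as `len - off < 4` after `off > len` so it cannot
 * overflow. */
static int read_u32le(const uint8_t *buf, size_t len, size_t off, uint32_t *out)
{
    if (off > len || len - off < 4)
        return -1;
    *out = (uint32_t)buf[off]
         | ((uint32_t)buf[off + 1] << 8)
         | ((uint32_t)buf[off + 2] << 16)
         | ((uint32_t)buf[off + 3] << 24);
    return 0;
}

/* Unpack into `out` (capacity out_cap). Returns the number of entries on
 * success or -1 if the packet is truncated or the count is implausible. */
int unpack_focus_info(const uint8_t *buf, size_t len,
                      struct focus_entry *out, size_t out_cap)
{
    uint32_t count;
    if (read_u32le(buf, len, 0, &count) != 0)
        return -1;
    if (count > MAX_ENTRIES || count > out_cap)
        return -1;
    /* Check the whole payload up front using division, so a large count
     * can never wrap a multiplication and pass the test by accident. */
    if ((len - 4) / ENTRY_SIZE < count)
        return -1;
    for (uint32_t i = 0; i < count; i++) {
        size_t off = 4 + (size_t)i * ENTRY_SIZE;
        if (read_u32le(buf, len, off,     &out[i].a) != 0) return -1;
        if (read_u32le(buf, len, off + 4, &out[i].b) != 0) return -1;
    }
    return (int)count;
}

/* Constructed sample packets. */
static const uint8_t good_pkt[]  = { 2,0,0,0, 1,0,0,0, 2,0,0,0, 3,0,0,0, 4,0,0,0 };
static const uint8_t trunc_pkt[] = { 2,0,0,0, 1,0,0,0, 2,0,0,0, 3,0,0,0 };  /* claims 2 entries, carries 1.5 */
static const uint8_t huge_pkt[]  = { 0xff,0xff,0xff,0xff, 0,0,0,0 };          /* absurd count */

int demo_good(void)  { struct focus_entry e[4]; return unpack_focus_info(good_pkt,  sizeof good_pkt,  e, 4); }
int demo_trunc(void) { struct focus_entry e[4]; return unpack_focus_info(trunc_pkt, sizeof trunc_pkt, e, 4); }
int demo_huge(void)  { struct focus_entry e[4]; return unpack_focus_info(huge_pkt,  sizeof huge_pkt,  e, 4); }

/* Second entry's `b` field from the well-formed packet, to show the data
 * really was decoded and not just counted. */
uint32_t demo_good_second_b(void)
{
    struct focus_entry e[4];
    if (unpack_focus_info(good_pkt, sizeof good_pkt, e, 4) != 2)
        return 0;
    return e[1].b;
}

int main(void)
{
    printf("good=%d trunc=%d huge=%d second_b=%u\n",
           demo_good(), demo_trunc(), demo_huge(), demo_good_second_b());
    return 0;
}
```

The two malformed packets are the shapes a malicious peripheral would send: a count that exceeds the data actually delivered, and a count so large that a naive `count * ENTRY_SIZE` could wrap. Both are rejected before any entry is read.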

Affected Systems

The vulnerability affects the open-source libgphoto2 camera access library, versions up to and including 2.5.33. Systems that use these versions to communicate with cameras over USB and receive data from potentially untrusted peripherals are at risk.

Risk and Exploitability

With a CVSS score of 3.5, the technical severity is low. The EPSS score is currently not available and the vulnerability is not listed in CISA's KEV catalog, so the likelihood of widespread exploitation is limited. The most likely attack vector is a local attacker who can connect a malicious USB device to a system running libgphoto2; from there the attacker can supply malformed packets to induce the over-read and force a crash. No attacker privileges beyond local USB access are required, and the flaw does not allow remote code execution.

Generated by OpenCVE AI on April 18, 2026 at 08:45 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Upgrade libgphoto2 to a version later than 2.5.33, applying the patch introduced in commit c385b34af260595dfbb5f9329526be5158985987.
  • Restrict the use of libgphoto2 to trusted USB devices or isolate its operation from untrusted peripherals until an update is available.
  • Monitor the official gphoto2 repository and security advisories for any additional mitigations or notices about this issue.


Advisories

No advisories yet.

History

Sat, 18 Apr 2026 00:00:00 +0000

Type          Values Removed   Values Added
Description   (none)           libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, an out of bound read in ptp_unpack_EOS_FocusInfoEx could be used to crash libgphoto2 when processing input from untrusted USB devices. Commit c385b34af260595dfbb5f9329526be5158985987 contains a patch. No known workarounds are available.
Title         (none)           libgphoto2 has an OOB Read in ptp_unpack_EOS_FocusInfoEx
Weaknesses    (none)           CWE-126
References    (none)           (none)
Metrics       (none)           cvssV3_1: score 3.5, vector CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L


Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-17T23:48:36.644Z

Reserved: 2026-04-10T22:50:01.358Z

Link: CVE-2026-40341

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-04-18T00:16:38.220

Modified: 2026-04-18T00:16:38.220

Link: CVE-2026-40341

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T08:45:41Z

Weaknesses