libgphoto2 Out-of-Bounds Read Vulnerability in PTP Unpacking Function

Vulnerability

A vulnerability allowing an out-of-bounds read has been identified in libgphoto2, a library for camera access and control. This issue exists in versions of libgphoto2 through 2.5.33. The vulnerability arises in the PTP (Picture Transfer Protocol) unpacking function 'ptp_unpack_EOS_FocusInfoEx', where insufficient size checks can lead to reading beyond the intended data boundaries. This flaw could be exploited to crash libgphoto2 while processing input from untrusted USB devices.
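
The kind of size checking described above, as an added example (not libgphoto2's code and not the project's patch): a bounds-checked unpacker for a device-supplied record. The record layout, the struct, the constants and the function names are hypothetical and do not reflect the real EOS FocusInfoEx format; the sample buffers are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical little-endian layout, NOT the real EOS FocusInfoEx format:
 *   u32 total_size | u16 point_count | point_count x { u16 x, u16 y } */
#define HDR_LEN    6u
#define POINT_LEN  4u
#define MAX_POINTS 64u

typedef struct { uint16_t x, y; } focus_point;

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return (uint32_t)rd16(p) | ((uint32_t)rd16(p + 2) << 16); }

/* Returns the number of points unpacked, or -1 if the buffer is malformed.
 * len is the number of bytes actually received from the device. */
int unpack_focus_points(const uint8_t *buf, size_t len, focus_point *out, size_t out_cap)
{
    if (buf == NULL || out == NULL || len < HDR_LEN)
        return -1;                       /* header must fit before it is read */
    uint32_t claimed = rd32(buf);
    uint16_t count = rd16(buf + 4);
    if (claimed < HDR_LEN || claimed > len)
        return -1;                       /* size field exceeds what was received */
    if (count > MAX_POINTS || count > out_cap)
        return -1;                       /* bound the count before multiplying */
    if ((size_t)count * POINT_LEN > claimed - HDR_LEN)
        return -1;                       /* count field promises more data than exists */
    for (size_t i = 0; i < count; i++) {
        const uint8_t *p = buf + HDR_LEN + i * POINT_LEN;
        out[i].x = rd16(p);
        out[i].y = rd16(p + 2);
    }
    return (int)count;
}

/* Constructed sample records (not captured from any device). */
static const uint8_t sample_ok[]        = { 14,0,0,0,  2,0, 1,0, 2,0, 3,0, 4,0 };
static const uint8_t sample_bad_count[] = { 10,0,0,0, 40,0, 1,0, 2,0 };
static const uint8_t sample_bad_size[]  = { 0xff,0,0,0, 1,0, 1,0, 2,0 };

int main(void)
{
    focus_point pts[MAX_POINTS];
    printf("ok:        %d\n", unpack_focus_points(sample_ok, sizeof sample_ok, pts, MAX_POINTS));
    printf("bad count: %d\n", unpack_focus_points(sample_bad_count, sizeof sample_bad_count, pts, MAX_POINTS));
    printf("bad size:  %d\n", unpack_focus_points(sample_bad_size, sizeof sample_bad_size, pts, MAX_POINTS));
    return 0;
}
```

Every length or count field that comes from the device is compared against the number of bytes actually received before it is used as an offset, so a malformed record is rejected instead of being read past its end.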

Impact

Exploitation of this vulnerability can cause a crash of the libgphoto2 library, disrupting any ongoing camera access or control operations.

Remediation

Users can update to the patched version of libgphoto2 available in the official GitHub repository.

Added: Apr 18, 2026, 12:25 AM
Updated: Apr 18, 2026, 12:25 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 1.3
exploitability: 4.0
remediation: 0.0
relevance: 6.3
threat: 3.2
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.