libgphoto2 is a camera access and control library
The libgphoto2 library has an out-of-bounds read vulnerability in the `ptp_unpack_OI()` function, which can be exploited when processing certain camera data. This can cause the library to crash or potentially execute arbitrary code. The issue is fixed in a recent commit.
libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read vulnerability in `ptp_unpack_OI()` in `camlibs/ptp2/ptp-pack.c` (lines 530–563). The function validates `len < PTP_oi_SequenceNumber` (i.e., len < 48) but subsequently accesses offsets 48–56, up to 9 bytes beyond the validated boundary, via the Samsung Galaxy 64-bit objectsize detection heuristic. Commit 7c7f515bc88c3d0c4098ac965d313518e0ccbe33 fixes the issue.
Developers using libgphoto2 to access and control cameras risk crashes or arbitrary code execution in their applications when processing untrusted camera data.
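The length-check mismatch described above, modelled as an added C example (not libgphoto2's code and not the change made in the fixing commit). The offsets 48 and 56 come from the description; the function names and the two bytes the heuristic tests are assumptions for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Offsets from the advisory text; identifiers here are hypothetical. */
#define OI_MIN_LEN       48u /* value of PTP_oi_SequenceNumber per the advisory */
#define OI_HEUR_LAST_OFF 56u /* highest offset the 64-bit size heuristic touches */

/* The check as described: only buffers shorter than 48 bytes are rejected. */
static int weak_len_ok(size_t len) { return len >= OI_MIN_LEN; }

/* How many bytes past the end of a len-byte buffer the heuristic would
 * read if only the weak check guarded it. Computed, never dereferenced. */
size_t overread_bytes(size_t len)
{
    if (!weak_len_ok(len))
        return 0; /* rejected before any access */
    return len > OI_HEUR_LAST_OFF ? 0 : OI_HEUR_LAST_OFF + 1 - len;
}

/* Hardened shape: the heuristic validates its own access window.
 * Returns 0 on success, -1 if the buffer is too short to parse at all.
 * *is64 is set to 1 only when the probe bytes are in bounds and match. */
int unpack_oi_hardened(const uint8_t *data, size_t len, int *is64)
{
    if (data == NULL || is64 == NULL || len < OI_MIN_LEN)
        return -1;
    *is64 = 0;
    if (len > OI_HEUR_LAST_OFF) {
        /* Assumed probe: which bytes are tested is illustrative only. */
        if (data[52] == 0 && data[56] != 0)
            *is64 = 1;
    }
    return 0;
}

int main(void)
{
    /* Constructed lengths around the two boundaries. */
    size_t lens[] = { 47, 48, 52, 56, 57 };
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++)
        printf("len=%zu accepted=%d overread=%zu\n", lens[i],
               weak_len_ok(lens[i]), overread_bytes(lens[i]));
    return 0;
}
```

A 48-byte buffer passes the weak check yet leaves all 9 bytes of the heuristic's window outside the buffer, which matches the "up to 9 bytes" figure in the description.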
Monitor & Review
Low severity — keep this CVE on your radar and patch during routine maintenance.
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H