Red Hat Product Errata RHSA-2026:22553 - Security Advisory Issued: 2026-06-02 Updated: 2026-06-02 RHSA-2026:22553 - Security Advisory Overview Updated Packages Synopsis Moderate: libexif security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for libexif is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The libexif packages provide a library for extracting extra information from image files. Security Fix(es): libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling (CVE-2026-40385) libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding (CVE-2026-40386) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64 Red Hat CodeReady Linux Builder for x86_64 9 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le Red Hat CodeReady Linux Builder for ARM 64 9 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.8 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.8 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x Fixes BZ - 2457687 - CVE-2026-40385 libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling BZ - 2457689 - CVE-2026-40386 libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding CVEs CVE-2026-40385 CVE-2026-40386 References https://access.redhat.com/security/updates/classification/#moderate Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM libexif-0.6.22-6.el9_8.1.src.rpm SHA-256: 63752c09bb7ed42d6100cc91ce48b35261698b8ffc1ac7dd2c00193bfbff346a x86_64 libexif-0.6.22-6.el9_8.1.i686.rpm SHA-256: bdb387bc40eebfc8f047e81b752bde53dce5a246326a597a9c31674fe63ab2d1 libexif-0.6.22-6.el9_8.1.x86_64.rpm SHA-256: 92e35eefdaabe72dec90dbcbc270bd0de802a8dd386ab5bd835967b23fc055f2 libexif-debuginfo-0.6.22-6.el9_8.1.i686.rpm SHA-256: 6ae6b32721dfa34a0af956f995593643013ecb137d867b2104c8669a955cc3e4 libexif-debuginfo-0.6.22-6.el9_8.1.x86_64.rpm SHA-256: dd806368f251a46a2875531e51f38f39453674a19aa48d6670daa43ba0708ee6 libexif-debugsource-0.6.22-6.el9_8.1.i686.rpm SHA-256: 39c409e0de6f47c91dbdaeab4e4e6131a419165d2b834f7e7736127594307757 libexif-debugsource-0.6.22-6.el9_8.1.x86_64.rpm SHA-256: d6372d9a81bc7ab2f56d2a0a82bf4321a7a5fcb6682f96463ae37407f13e387a Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 SRPM libexif-0.6.22-6.el9_8.1.src.rpm SHA-256: 63752c09bb7ed42d6100cc91ce48b35261698b8ffc1ac7dd2c00193bfbff346a x86_64 libexif-0.6.22-6.el9_8.1.i686.rpm SHA-256: bdb387bc40eebfc8f047e81b752bde53dce5a246326a597a9c31674fe63ab2d1 libexif-0.6.22-6.el9_8.1.x86_64.rpm SHA-256: 92e35eefdaabe72dec90dbcbc270bd0de802a8dd386ab5bd835967b23fc055f2 libexif-debuginfo-0.6.22-6.el9_8.1.i686.rpm SHA-256: 6ae6b32721dfa34a0af956f995593643013ecb137d867b2104c8669a955cc3e4 libexif-debuginfo-0.6.22-6.el9_8.1.x86_64.rpm SHA-256: dd806368f251a46a2875531e51f38f39453674a19aa48d6670daa43ba0708ee6 libexif-debugsource-0.6.22-6.el9_8.1.i686.rpm SHA-256: 39c409e0de6f47c91dbdaeab4e4e6131a419165d2b834f7e7736127594307757 libexif-debugsource-0.6.22-6.el9_8.1.x86_64.rpm SHA-256: d6372d9a81bc7ab2f56d2a0a82bf4321a7a5fcb6682f96463ae37407f13e387a Red Hat Enterprise Linux for IBM z Systems 9 SRPM libexif-0.6.22-6.el9_8.1.src.rpm SHA-256: 63752c09bb7ed42d6100cc91ce48b35261698b8ffc1ac7dd2c00193bfbff346a s390x libexif-0.6.22-6.el9_8.1.s390x.rpm SHA-256: 8e15d1e0be1c1dbb825ebd08e54419a61407e9d20d2c3a489727c200d2f287fb libexif-debuginfo-0.6.22-6.el9_8.1.s390x.rpm SHA-256: 95ab6c42c1fd4ffd5392150443eeaffa205e7a769deb7c283755db99d7d30a5f libexif-debugsource-0.6.22-6.el9_8.1.s390x.rpm SHA-256: 3350f1815fcb8b7966e5a1ed086f6d2a6141d4e93513aa8f020ce39c9c8a9f90 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 SRPM libexif-0.6.22-6.el9_8.1.src.rpm SHA-256: 63752c09bb7ed42d6100cc91ce48b35261698b8ffc1ac7dd2c00193bfbff346a s390x libexif-0.6.22-6.el9_8.1.s390x.rpm SHA-256: 8e15d1e0be1c1dbb825ebd08e54419a61407e9d20d2c3a489727c200d2f287fb libexif-debuginfo-0.6.22-6.el9_8.1.s390x.rpm SHA-256: 95ab6c42c1fd4ffd5392150443eeaffa205e7a769deb7c283755db99d7d30a5f libexif-debugsource-0.6.22-6.el9_8.1.s390x.rpm SHA-256: 3350f1815fcb8b7966e5a1ed086f6d2a6141d4e93513aa8f020ce39c9c8a9f90 Red Hat Enterprise Linux for Power, little endian 9 SRPM libexif-0.6.22-6.el9_8.1.src.rpm SHA-256: 63752c09bb7ed42d6100cc91ce48b35261698b8ffc1ac7dd2c00193bfbff346a ppc64le libexif-0.6.22-6.el9_8.1.ppc64le.rpm SHA-256: b2441b72160ba23a8ae7ae2dea8ab0ba5561a215a7fdc45111af1f48d9b68622 libexif-debuginfo-0.6.22-6.el9_8.1.ppc64le.rpm SHA-256: 25be50d48524924a0e7c67e28c76a58f8086b0096ce03823c010d6fc437eb5c1 libexif-debugsource-0.6.22-6.el9_8.1.ppc64le.rpm SHA-256: af6ffdb9c49462b5f5962861a672c5b307b08410c05c15d154044468ea7f5af8 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 SRPM libexif-0.6.22-6.el9_8.1.src.rpm SHA-256: 63752c09bb7ed42d6100cc91ce48b35261698b8ffc1ac7dd2c00193bfbff346a ppc64le libexif-0.6.22-6.el9_8.1.ppc64le.rpm SHA-256: b2441b72160ba23a8ae7ae2dea8ab0ba5561a215a7fdc45111af1f48d9b68622 libexif-debuginfo-0.6.22-6.el9_8.1.ppc64le.rpm SHA-256: 25be50d48524924a0e7c67e28c76a58f8086b0096ce03823c010d6fc437eb5c1 libexif-debugsource-0.6.22-6.el9_8.1.ppc64le.rpm SHA-256: af6ffdb9c49462b5f5962861a672c5b307b08410c05c15d154044468ea7f5af8 Red Hat Enterprise Linux for ARM 64 9 SRPM libexif-0.6.22-6.el9_8.1.src.rpm SHA-256: 63752c09bb7ed42d6100cc91ce48b35261698b8ffc1ac7dd2c00193bfbff346a aarch64 libexif-0.6.22-6.el9_8.1.aarch64.rpm SHA-256: 2f0afa7a74166d1985d1d7cfc83b7e96852d5671b496cfa16489a5bbd3416116 libexif-debuginfo-0.6.22-6.el9_8.1.aarch64.rpm SHA-256: 8ffe0faae33965584d24cd62a609b904b9097fbf042f7c111caf132935a93dc4 libexif-debugsource-0.6.22-6.el9_8.1.aarch64.rpm SHA-256: c8cc3f25b074e4101b44641e32c76ee5627f9026271d30a27be00be1092c8edb Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 SRPM libexif-0.6.22-6.el9_8.1.src.rpm SHA-256: 63752c09bb7ed42d6100cc91ce48b35261698b8ffc1ac7dd2c00193bfbff346a aarch64 libexif-0.6.22-6.el9_8.1.aarch64.rpm SHA-256: 2f0afa7a74166d1985d1d7cfc83b7e96852d5671b496cfa16489a5bbd3416116 libexif-debuginfo-0.6.22-6.el9_8.1.aarch64.rpm SHA-256: 8ffe0faae33965584d24cd62a609b904b9097fbf042f7c111caf132935a93dc4 libexif-debugsource-0.6.22-6.el9_8.1.aarch64.rpm SHA-256: c8cc3f25b074e4101b44641e32c76ee5627f9026271d30a27be00be1092c8edb Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 SRPM libexif-0.6.22-6.el9_8.1.src.rpm SHA-256: 63752c09bb7ed42d6100cc91ce48b35261698b8ffc1ac7dd2c00193bfbff346a ppc64le libexif-0.6.22-6.el9_8.1.ppc64le.rpm SHA-256: b2441b72160ba23a8ae7ae2dea8ab0ba5561a215a7fdc45111af1f48d9b68622 libexif-debuginfo-0.6.22-6.el9_8.1.ppc64le.rpm SHA-256: 25be50d48524924a0e7c67e28c76a58f8086b0096ce03823c010d6fc437eb5c1 libexif-debugsource-0.6.22-6.el9_8.1.ppc64le.rpm SHA-256: af6ffdb9c49462b5f5962861a672c5b307b08410c05c15d154044468ea7f5af8 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 SRPM libexif-0.6.22-6.el9_8.1.src.rpm SHA-256: 63752c09bb7ed42d6100cc91ce48b35261698b8ffc1ac7dd2c00193bfbff346a x86_64 libexif-0.6.22-6.el9_8.1.i686.rpm SHA-256: bdb387bc40eebfc8f047e81b752bde53dce5a246326a597a9c31674fe63ab2d1 libexif-0.6.22-6.el9_8.1.x86_64.rpm SHA-256: 92e35eefdaabe72dec90dbcbc270bd0de802a8dd386ab5bd835967b23fc055f2 libexif-debuginfo-0.6.22-6.el9_8.1.i686.rpm SHA-256: 6ae6b32721dfa34a0af956f995593643013ecb137d867b2104c8669a955cc3e4 libexif-debuginfo-0.6.22-6.el9_8.1.x86_64.rpm SHA-256: dd806368f251a46a2875531e51f38f39453674a19aa48d6670daa43ba0708ee6 libexif-debugsource-0.6.22-6.el9_8.1.i686.rpm SHA-256: 39c409e0de6f47c91dbdaeab4e4e6131a419165d2b834f7e7736127594307757 libexif-debugsource-0.6.22-6.el9_8.1.x86_64.rpm SHA-256: d6372d9a81bc7ab2f56d2a0a82bf4321a7a5fcb6682f96463ae37407f13