Home / mailingsPDF  

[USN-8427-1] Mesa vulnerability

Posted on 15 June 2026
Ubuntu Security

==========================================================================Ubuntu Security Notice USN-8427-1
June 15, 2026

mesa vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Mesa could be made to crash or run programs if it received specially
crafted input.

Software Description:
- mesa: free implementation of the EGL API

Details:

It was discovered that Mesa did not properly validate memory allocation
sizes in WebGPU under certain circumstances. An attacker could use this
issue to cause Mesa to crash, resulting in a denial of service, or possibly
execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
libegl-mesa0 25.2.8-0ubuntu0.25.10.2
libgbm1 25.2.8-0ubuntu0.25.10.2
libgl1-mesa-dri 25.2.8-0ubuntu0.25.10.2
libglx-mesa0 25.2.8-0ubuntu0.25.10.2
mesa-drm-shim 25.2.8-0ubuntu0.25.10.2
mesa-libgallium 25.2.8-0ubuntu0.25.10.2
mesa-opencl-icd 25.2.8-0ubuntu0.25.10.2
mesa-teflon-delegate 25.2.8-0ubuntu0.25.10.2
mesa-va-drivers 25.2.8-0ubuntu0.25.10.2
mesa-vdpau-drivers 25.2.8-0ubuntu0.25.10.2
mesa-vulkan-drivers 25.2.8-0ubuntu0.25.10.2

Ubuntu 24.04 LTS
libegl-mesa0 25.2.8-0ubuntu0.24.04.2
libgbm1 25.2.8-0ubuntu0.24.04.2
libgl1-mesa-dri 25.2.8-0ubuntu0.24.04.2
libglx-mesa0 25.2.8-0ubuntu0.24.04.2
mesa-drm-shim 25.2.8-0ubuntu0.24.04.2
mesa-libgallium 25.2.8-0ubuntu0.24.04.2
mesa-opencl-icd 25.2.8-0ubuntu0.24.04.2
mesa-teflon-delegate 25.2.8-0ubuntu0.24.04.2
mesa-va-drivers 25.2.8-0ubuntu0.24.04.2
mesa-vdpau-drivers 25.2.8-0ubuntu0.24.04.2
mesa-vulkan-drivers 25.2.8-0ubuntu0.24.04.2

Ubuntu 22.04 LTS
libd3dadapter9-mesa 23.2.1-1ubuntu3.1~22.04.4
libegl-mesa0 23.2.1-1ubuntu3.1~22.04.4
libgbm1 23.2.1-1ubuntu3.1~22.04.4
libgl1-mesa-dri 23.2.1-1ubuntu3.1~22.04.4
libglapi-mesa 23.2.1-1ubuntu3.1~22.04.4
libglx-mesa0 23.2.1-1ubuntu3.1~22.04.4
libosmesa6 23.2.1-1ubuntu3.1~22.04.4
libxatracker2 23.2.1-1ubuntu3.1~22.04.4
mesa-drm-shim 23.2.1-1ubuntu3.1~22.04.4
mesa-opencl-icd 23.2.1-1ubuntu3.1~22.04.4
mesa-va-drivers 23.2.1-1ubuntu3.1~22.04.4
mesa-vdpau-drivers 23.2.1-1ubuntu3.1~22.04.4
mesa-vulkan-drivers 23.2.1-1ubuntu3.1~22.04.4

After a standard system update you need to restart your session to make all
the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8427-1
CVE-2026-40393

Package Information:
https://launchpad.net/ubuntu/+source/mesa/25.2.8-0ubuntu0.25.10.2
https://launchpad.net/ubuntu/+source/mesa/25.2.8-0ubuntu0.24.04.2
https://launchpad.net/ubuntu/+source/mesa/23.2.1-1ubuntu3.1~22.04.4

--===============2301664001313777950==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature

 

TOP

Mailings :

Exploits :