==========================================================================
Ubuntu Security Notice USN-8427-1
June 15, 2026

mesa vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Mesa could be made to crash or run programs if it received specially
crafted input.

Software Description:
- mesa: free implementation of the EGL API

Details:

It was discovered that Mesa did not properly validate memory allocation
sizes in WebGPU under certain circumstances. An attacker could use this
issue to cause Mesa to crash, resulting in a denial of service, or possibly
execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  libegl-mesa0                    25.2.8-0ubuntu0.25.10.2
  libgbm1                         25.2.8-0ubuntu0.25.10.2
  libgl1-mesa-dri                 25.2.8-0ubuntu0.25.10.2
  libglx-mesa0                    25.2.8-0ubuntu0.25.10.2
  mesa-drm-shim                   25.2.8-0ubuntu0.25.10.2
  mesa-libgallium                 25.2.8-0ubuntu0.25.10.2
  mesa-opencl-icd                 25.2.8-0ubuntu0.25.10.2
  mesa-teflon-delegate            25.2.8-0ubuntu0.25.10.2
  mesa-va-drivers                 25.2.8-0ubuntu0.25.10.2
  mesa-vdpau-drivers              25.2.8-0ubuntu0.25.10.2
  mesa-vulkan-drivers             25.2.8-0ubuntu0.25.10.2

Ubuntu 24.04 LTS
  libegl-mesa0                    25.2.8-0ubuntu0.24.04.2
  libgbm1                         25.2.8-0ubuntu0.24.04.2
  libgl1-mesa-dri                 25.2.8-0ubuntu0.24.04.2
  libglx-mesa0                    25.2.8-0ubuntu0.24.04.2
  mesa-drm-shim                   25.2.8-0ubuntu0.24.04.2
  mesa-libgallium                 25.2.8-0ubuntu0.24.04.2
  mesa-opencl-icd                 25.2.8-0ubuntu0.24.04.2
  mesa-teflon-delegate            25.2.8-0ubuntu0.24.04.2
  mesa-va-drivers                 25.2.8-0ubuntu0.24.04.2
  mesa-vdpau-drivers              25.2.8-0ubuntu0.24.04.2
  mesa-vulkan-drivers             25.2.8-0ubuntu0.24.04.2

Ubuntu 22.04 LTS
  libd3dadapter9-mesa             23.2.1-1ubuntu3.1~22.04.4
  libegl-mesa0                    23.2.1-1ubuntu3.1~22.04.4
  libgbm1                         23.2.1-1ubuntu3.1~22.04.4
  libgl1-mesa-dri                 23.2.1-1ubuntu3.1~22.04.4
  libglapi-mesa                   23.2.1-1ubuntu3.1~22.04.4
  libglx-mesa0                    23.2.1-1ubuntu3.1~22.04.4
  libosmesa6                      23.2.1-1ubuntu3.1~22.04.4
  libxatracker2                   23.2.1-1ubuntu3.1~22.04.4
  mesa-drm-shim                   23.2.1-1ubuntu3.1~22.04.4
  mesa-opencl-icd                 23.2.1-1ubuntu3.1~22.04.4
  mesa-va-drivers                 23.2.1-1ubuntu3.1~22.04.4
  mesa-vdpau-drivers              23.2.1-1ubuntu3.1~22.04.4
  mesa-vulkan-drivers             23.2.1-1ubuntu3.1~22.04.4

After a standard system update you need to restart your session to make all
the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8427-1
  CVE-2026-40393

Package Information:
  https://launchpad.net/ubuntu/+source/mesa/25.2.8-0ubuntu0.25.10.2
  https://launchpad.net/ubuntu/+source/mesa/25.2.8-0ubuntu0.24.04.2
  https://launchpad.net/ubuntu/+source/mesa/23.2.1-1ubuntu3.1~22.04.4

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to