{"id":"USN-8427-1","summary":"mesa vulnerability","details":"It was discovered that Mesa did not properly validate memory allocation\nsizes in WebGPU under certain circumstances. An attacker could use this\nissue to cause Mesa to crash, resulting in a denial of service, or possibly\nexecute arbitrary code.","modified":"2026-06-15T20:18:55.607946437Z","published":"2026-06-15T12:01:35Z","related":["UBUNTU-CVE-2026-40393"],"upstream":["CVE-2026-40393","UBUNTU-CVE-2026-40393"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-8427-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-40393"}],"affected":[{"package":{"name":"mesa","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/mesa?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"23.2.1-1ubuntu3.1~22.04.4"}]}],"versions":["21.2.2-1ubuntu1","21.3.5-1ubuntu1","22.0.0-0ubuntu2","22.0.1-1ubuntu1","22.0.1-1ubuntu2","22.0.1-1ubuntu2.1","22.0.5-0ubuntu0.1","22.0.5-0ubuntu0.3","22.2.5-0ubuntu0.1~22.04.1","22.2.5-0ubuntu0.1~22.04.2","22.2.5-0ubuntu0.1~22.04.3","23.0.4-0ubuntu1~22.04.1","23.2.1-1ubuntu3.1~22.04.2","23.2.1-1ubuntu3.1~22.04.3"],"ecosystem_specific":{"binaries":[{"binary_name":"libd3dadapter9-mesa","binary_version":"23.2.1-1ubuntu3.1~22.04.4"},{"binary_name":"libegl-mesa0","binary_version":"23.2.1-1ubuntu3.1~22.04.4"},{"binary_name":"libgbm1","binary_version":"23.2.1-1ubuntu3.1~22.04.4"},{"binary_name":"libgl1-mesa-dri","binary_version":"23.2.1-1ubuntu3.1~22.04.4"},{"binary_name":"libglapi-mesa","binary_version":"23.2.1-1ubuntu3.1~22.04.4"},{"binary_name":"libglx-mesa0","binary_version":"23.2.1-1ubuntu3.1~22.04.4"},{"binary_name":"libosmesa6","binary_version":"23.2.1-1ubuntu3.1~22.04.4"},{"binary_name":"libxatracker2","binary_version":"23.2.1-1ubuntu3.1~22.04.4"},{"binary_name":"mesa-drm-shim","binary_version":"23.2.1-1ubuntu3.1~22.04.4"},{"binary_name":"mesa-opencl-icd","binary_version":"23.2.1-1ubuntu3.1~22.04.4"},{"binary_name":"mesa-va-drivers","binary_version":"23.2.1-1ubuntu3.1~22.04.4"},{"binary_name":"mesa-vdpau-drivers","binary_version":"23.2.1-1ubuntu3.1~22.04.4"},{"binary_name":"mesa-vulkan-drivers","binary_version":"23.2.1-1ubuntu3.1~22.04.4"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8427-1.json","cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2026-40393"}],"ecosystem":"Ubuntu:22.04:LTS"}}},{"package":{"name":"mesa","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/mesa?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"25.2.8-0ubuntu0.24.04.2"}]}],"versions":["23.2.1-1ubuntu3","23.2.1-1ubuntu4","23.3.0-2ubuntu3","23.3.3-1ubuntu2","24.0.1-1ubuntu1","24.0.3-1ubuntu3","24.0.3-1ubuntu4","24.0.5-1ubuntu1","24.0.9-0ubuntu0.1","24.0.9-0ubuntu0.2","24.0.9-0ubuntu0.3","24.2.8-1ubuntu1~24.04.1","25.0.7-0ubuntu0.24.04.1","25.0.7-0ubuntu0.24.04.2","25.2.8-0ubuntu0.24.04.1"],"ecosystem_specific":{"binaries":[{"binary_name":"libegl-mesa0","binary_version":"25.2.8-0ubuntu0.24.04.2"},{"binary_name":"libgbm1","binary_version":"25.2.8-0ubuntu0.24.04.2"},{"binary_name":"libgl1-mesa-dri","binary_version":"25.2.8-0ubuntu0.24.04.2"},{"binary_name":"libglx-mesa0","binary_version":"25.2.8-0ubuntu0.24.04.2"},{"binary_name":"mesa-drm-shim","binary_version":"25.2.8-0ubuntu0.24.04.2"},{"binary_name":"mesa-libgallium","binary_version":"25.2.8-0ubuntu0.24.04.2"},{"binary_name":"mesa-opencl-icd","binary_version":"25.2.8-0ubuntu0.24.04.2"},{"binary_name":"mesa-teflon-delegate","binary_version":"25.2.8-0ubuntu0.24.04.2"},{"binary_name":"mesa-va-drivers","binary_version":"25.2.8-0ubuntu0.24.04.2"},{"binary_name":"mesa-vdpau-drivers","binary_version":"25.2.8-0ubuntu0.24.04.2"},{"binary_name":"mesa-vulkan-drivers","binary_version":"25.2.8-0ubuntu0.24.04.2"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8427-1.json","cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2026-40393"}],"ecosystem":"Ubuntu:24.04:LTS"}}},{"package":{"name":"mesa","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/mesa?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"25.2.8-0ubuntu0.25.10.2"}]}],"versions":["25.0.3-1ubuntu2","25.0.7-0ubuntu1","25.0.7-0ubuntu2","25.0.7-0ubuntu3","25.1.5-1ubuntu1","25.1.7-1ubuntu1","25.2.1-2ubuntu1","25.2.2-1ubuntu1","25.2.3-1ubuntu1","25.2.8-0ubuntu0.25.10.1"],"ecosystem_specific":{"binaries":[{"binary_name":"libegl-mesa0","binary_version":"25.2.8-0ubuntu0.25.10.2"},{"binary_name":"libgbm1","binary_version":"25.2.8-0ubuntu0.25.10.2"},{"binary_name":"libgl1-mesa-dri","binary_version":"25.2.8-0ubuntu0.25.10.2"},{"binary_name":"libglx-mesa0","binary_version":"25.2.8-0ubuntu0.25.10.2"},{"binary_name":"mesa-drm-shim","binary_version":"25.2.8-0ubuntu0.25.10.2"},{"binary_name":"mesa-libgallium","binary_version":"25.2.8-0ubuntu0.25.10.2"},{"binary_name":"mesa-opencl-icd","binary_version":"25.2.8-0ubuntu0.25.10.2"},{"binary_name":"mesa-teflon-delegate","binary_version":"25.2.8-0ubuntu0.25.10.2"},{"binary_name":"mesa-va-drivers","binary_version":"25.2.8-0ubuntu0.25.10.2"},{"binary_name":"mesa-vdpau-drivers","binary_version":"25.2.8-0ubuntu0.25.10.2"},{"binary_name":"mesa-vulkan-drivers","binary_version":"25.2.8-0ubuntu0.25.10.2"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8427-1.json","cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2026-40393"}],"ecosystem":"Ubuntu:25.10"}}}],"schema_version":"1.7.5"}