Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

openSUSE Leap 16.0 Mesa Moderate Out-Of-Bounds Access Vuln 2026-20688-1

opensuse
Calendar Grey May 8, 2026
Dist Opensuse Esm H88
An installation note regarding openSUSE security update addressing moderate issues in Mesa software with critical bug fixes.
An update that solves one vulnerability and has 2 bug fixes can now be installed.

Description

This update for Mesa fixes the following issue:

- CVE-2026-40393: out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party (bsc#1261998).

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-707=1

Patch

Package List

- openSUSE Leap 16.0:

Mesa-24.3.3-160000.3.1

Mesa-KHR-devel-24.3.3-160000.3.1

Mesa-devel-24.3.3-160000.3.1

Mesa-dri-24.3.3-160000.3.1

Mesa-dri-devel-24.3.3-160000.3.1

Mesa-dri-nouveau-24.3.3-160000.3.1

Mesa-dri-vc4-24.3.3-160000.3.1

Mesa-gallium-24.3.3-160000.3.1

Mesa-libEGL-devel-24.3.3-160000.3.1

Mesa-libEGL1-24.3.3-160000.3.1

Mesa-libGL-devel-24.3.3-160000.3.1

Mesa-libGL1-24.3.3-160000.3.1

Mesa-libGLESv1_CM-devel-24.3.3-160000.3.1

Mesa-libGLESv2-devel-24.3.3-160000.3.1

Mesa-libGLESv3-devel-24.3.3-160000.3.1

Mesa-libOpenCL-24.3.3-160000.3.1

Mesa-libRusticlOpenCL-24.3.3-160000.3.1

Mesa-libd3d-24.3.3-160000.3.1

Mesa-libd3d-devel-24.3.3-160000.3.1

Mesa-libglapi-devel-24.3.3-160000.3.1

Mesa-libglapi0-24.3.3-160000.3.1

Mesa-libva-24.3.3-160000.3.1

Mesa-vulkan-device-select-24.3.3-160000.3.1

Mesa-vulkan-overlay-24.3.3-160000.3.1

libOSMesa-devel-24.3.3-160000.3.1

libOSMesa8-24.3.3-160000.3.1

libgbm-devel-24.3.3-160000.3.1

libgbm1-24.3.3-160000.3.1

libvdpau_d3d12-24.3.3-160000.3.1

libvdpau_nouveau-24.3.3-160000.3.1

libvdp...

Read the Full Advisory

References

* bsc#1261911

* bsc#1261998

References:

* https://www.suse.com/security/cve/CVE-2026-40393.html

Announcement ID: openSUSE-SU-2026:20688-1
Rating: moderate
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here