Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/mesa@25.0.7-2?distro=trixie
purl pkg:deb/debian/mesa@25.0.7-2?distro=trixie
Next non-vulnerable version 26.0.1-1
Latest non-vulnerable version 26.0.5-1
Risk 2.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-pfdb-qy35-hkh9
Aliases:
CVE-2026-40393
In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party, and is then used for alloca.
26.0.1-1
Affected by 0 other vulnerabilities.
26.0.4-1
Affected by 0 other vulnerabilities.
26.0.5-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (5)
Vulnerability Summary Aliases
VCID-as99-e7pb-eqcw Multiple vulnerabilities in Mesa could result in execution of arbitrary code or Denial of Service. CVE-2012-5129
VCID-au65-xxvr-c7hr Multiple vulnerabilities in Mesa could result in execution of arbitrary code or Denial of Service. CVE-2012-2864
VCID-gers-qjkn-2fhn Multiple vulnerabilities in Mesa could result in execution of arbitrary code or Denial of Service. CVE-2013-1872
VCID-qqd6-hfbc-3fgt Multiple vulnerabilities have been found in X.Org X Server, allowing attackers to execute arbitrary code or cause a Denial of Service condition. CVE-2013-1993
VCID-zkay-7cyh-nkb4 mesa: security bypass in 3D library graphics CVE-2019-5068

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-17T22:44:21.561434+00:00 Debian Importer Affected by VCID-pfdb-qy35-hkh9 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:42:19.023250+00:00 Debian Importer Fixing VCID-au65-xxvr-c7hr https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:34:41.424302+00:00 Debian Importer Fixing VCID-gers-qjkn-2fhn https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:12:39.105884+00:00 Debian Importer Fixing VCID-zkay-7cyh-nkb4 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:43:21.318233+00:00 Debian Importer Fixing VCID-qqd6-hfbc-3fgt https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:42:05.070825+00:00 Debian Importer Fixing VCID-as99-e7pb-eqcw https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T12:48:50.961999+00:00 Debian Importer Affected by VCID-pfdb-qy35-hkh9 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:14:26.305846+00:00 Debian Importer Fixing VCID-au65-xxvr-c7hr https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:08:45.522204+00:00 Debian Importer Fixing VCID-gers-qjkn-2fhn https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:51:53.639892+00:00 Debian Importer Fixing VCID-zkay-7cyh-nkb4 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:51:37.163889+00:00 Debian Importer Fixing VCID-qqd6-hfbc-3fgt https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:50:51.822366+00:00 Debian Importer Fixing VCID-as99-e7pb-eqcw https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:45:57.438011+00:00 Debian Importer Fixing VCID-zkay-7cyh-nkb4 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:45:57.388296+00:00 Debian Importer Fixing VCID-qqd6-hfbc-3fgt https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:45:57.346790+00:00 Debian Importer Fixing VCID-gers-qjkn-2fhn https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:45:57.304393+00:00 Debian Importer Fixing VCID-as99-e7pb-eqcw https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:45:57.253896+00:00 Debian Importer Fixing VCID-au65-xxvr-c7hr https://security-tracker.debian.org/tracker/data/json 38.1.0