Introduction
A memory corruption flaw in Mesa's WebGPU shader compiler allows a remote attacker to trigger an out-of-bounds write simply by serving a crafted web page to a Linux user. Because Mesa is the default graphics driver stack on virtually every Linux distribution, this vulnerability quietly affects a massive installed base of desktops, workstations, and embedded devices running browsers with WebGPU support.
Technical Information
Root Cause
The vulnerability resides in Mesa's NIR (New Intermediate Representation) compiler, specifically in how it handles function calls and memory allocation for shader processing. In affected versions, the number of fields used to determine the size of a stack allocation originates directly from the shader itself. Since shaders processed via WebGPU come from untrusted web content, this means an attacker-controlled value dictates how much memory is allocated via alloca.
The alloca function allocates memory on the stack rather than the heap. When a shader provides a sufficiently large field count, the resulting alloca call overflows the stack frame, producing out-of-bounds memory access. The weakness is classified as CWE-787 (Out-of-bounds Write), reflecting the nature of the memory corruption.
This flaw was inadvertently introduced during a rework of function calls in commit c11833ab. The fix, implemented in commit 9017d37e, replaced the use of NIR_VLA (a variable length array macro) with STACK_ARRAY, which provides safe bounds on the allocation size.
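The difference between the two allocation shapes described above, as an added C sketch. This is not Mesa's code: layout_unbounded, layout_bounded and INLINE_FIELDS are hypothetical names, and the bounded version shows the general "small stack buffer with checked heap fallback" technique rather than the STACK_ARRAY macro itself.

```c
#include <alloca.h>
#include <stdint.h>
#include <stdlib.h>

#define INLINE_FIELDS 8 /* assumed cut-off for staying on the stack */

/* Shared body: assign each field an offset, return the total size. */
static uint64_t layout(uint32_t *offsets, const uint32_t *sizes, size_t count)
{
    uint64_t total = 0;
    for (size_t i = 0; i < count; i++) {
        offsets[i] = (uint32_t)total;
        total += sizes[i];
    }
    return total;
}

/* Unsafe shape: the scratch array's size is whatever the input says.
 * A large count moves the stack pointer past the end of the stack. */
int layout_unbounded(const uint32_t *sizes, size_t count, uint64_t *total)
{
    uint32_t *offsets = alloca(count * sizeof *offsets);
    *total = layout(offsets, sizes, count);
    return 0;
}

/* Bounded shape: fixed stack buffer for small counts, checked heap
 * allocation otherwise. Returns -1 instead of corrupting memory. */
int layout_bounded(const uint32_t *sizes, size_t count, uint64_t *total)
{
    uint32_t inline_buf[INLINE_FIELDS];
    uint32_t *offsets = inline_buf;

    if (count > INLINE_FIELDS) {
        if (count > SIZE_MAX / sizeof *offsets)
            return -1;                      /* count * size would wrap */
        offsets = malloc(count * sizeof *offsets);
        if (offsets == NULL)
            return -1;                      /* too large: fail cleanly */
    }
    *total = layout(offsets, sizes, count);
    if (offsets != inline_buf)
        free(offsets);
    return 0;
}
```

In the bounded version the stack frame has a fixed size regardless of input, so an oversized count becomes an allocation failure the caller can handle.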
Attack Flow
The attack scenario is straightforward and requires no authentication or special privileges:
- An attacker crafts a WebGPU shader containing an excessively large field count value.
- The attacker hosts this shader on a malicious web page or injects it into a compromised site.
- A victim on a Linux system with a vulnerable Mesa version navigates to the page using a browser with WebGPU enabled.
- The browser passes the shader to Mesa's NIR compiler for processing.
- The compiler reads the attacker-controlled field count and uses it as the size argument for an alloca call.
- The oversized stack allocation results in out-of-bounds memory access, potentially allowing the attacker to corrupt adjacent stack memory.
The CVSS 3.1 base score of 8.1 (High) reflects the remote exploitability through the browser and the potential for significant impact through memory corruption.
Affected Systems and Versions
The following Mesa versions are affected:
| Product Line | Vulnerable Versions | Fixed Version | Release Date |
|---|---|---|---|
| Mesa 25.x | All versions before 25.3.6 | 25.3.6 | February 19, 2026 |
| Mesa 26.x | 26.0.0 | 26.0.1 | February 25, 2026 |
Any Linux distribution or embedded platform (including ChromeOS) shipping these Mesa versions with a WebGPU-capable browser is potentially affected. Organizations should verify the exact Mesa version installed on their systems and confirm that downstream distribution packages have integrated the fix.
Vendor Security History
Mesa is a foundational open-source project hosted by freedesktop.org, providing OpenGL, Vulkan, and now WebGPU implementations for Linux. Given its role as the primary GPU driver stack across desktop Linux, Wayland compositors, and embedded platforms like ChromeOS, it represents a high-value target. The Mesa project maintains an active release calendar and demonstrated a rapid response to this disclosure, shipping fixes within weeks of the report. ChromeOS has already cherry-picked the relevant commit to secure its environment.
References
- NVD: CVE-2026-40393
- CVE Record: CVE-2026-40393
- Mesa Merge Request 39866
- Mesa 26.0.1 Announcement
- Fix Commit: nir: Use STACK_ARRAY instead of NIR_VLA (9017d37e)
- Introducing Commit: nir,spirv: Rework function calls (c11833ab)
- Mesa 25.3.6 Release Notes
- Mesa 26.0.1 Release Notes
- Phoronix: Mesa 26.0.1 Released With Important Security Fix
- Mesa Dev Discussion on WebGPU Security Fix
- Mesa 3D Graphics Library



