Mesa 26.0.1 is now available as the first point release of this quarter’s Mesa 26.0 series. Besides the usual bug fixing, Mesa 26.0.1 is more pressing than usual since it contains a security fix for possible out-of-bounds memory access in WebGPU contexts from web browsers.
Eric Engestrom wrote in today’s Mesa 26.0.1 announcement:
“This release and 25.3.6 (already out) contain a security fix preventing out-of-bounds memory access in WebGPU. They should be deployed to users as quickly as possible.”
Mesa 26.0.1 fixes in today’s update include:
– A security fix preventing out-of-bounds memory access in WebGPU, which is rather pressing due to the WebGPU exposure in modern web browsers.
– Various KosmicKrisp fixes for Vulkan atop Apple’s Metal API.
– Lavapipe now enables DMA-BUF import support for planar DRM formats.
– The RADV driver has fixed potential corruption after FMASK decompression for old AMD GFX6 through GFX8 GPUs.
– Various other smaller RADV driver fixes, including for potential GPU hangs.
– The Intel ANV Vulkan driver now limiting its disabling of Vulkan modifiers just to specific, affected GTK versions rather than all GTK releases.
– Various other Intel ANV driver fixes, such as wrong shadows and flickering grass in Genshin Impact along with other Intel Linux gaming regressions.
