EIP-2026-103485

PRE-CVE

Google Chrome - SwiftShader OpenGL Texture Bindings Reference Count Leak

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103485. PoCs published by Google Security Research.

AI-analyzed exploit summary This is a detailed technical analysis of a heap-use-after-free vulnerability in Swiftshader's OpenGL texture bindings, specifically in the `Texture2D::copyImage` function. The writeup includes a root cause analysis, crash logs, and an explanation of the reference counting issue leading to memory corruption.

Description

Google Chrome - SwiftShader OpenGL Texture Bindings Reference Count Leak

Exploits (1)

exploitdb WRITEUP VERIFIED

by Google Security Research · htmldosmultiple

https://www.exploit-db.com/exploits/45061

View Code ZIP pw:eip

This is a detailed technical analysis of a heap-use-after-free vulnerability in Swiftshader's OpenGL texture bindings, specifically in the `Texture2D::copyImage` function. The writeup includes a root cause analysis, crash logs, and an explanation of the reference counting issue leading to memory corruption.

Classification

Writeup 95%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Swiftshader (Chrome's software renderer) in Chrome 68.0.3440.7

No auth needed

Prerequisites: Access to a vulnerable version of Chrome with Swiftshader enabled

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026