Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
162 vulnerabilities found for gpu_display_driver by nvidia
CVE-2026-24199 (GCVE-0-2026-24199)
Vulnerability from nvd – Published: 2026-05-26 17:18 – Updated: 2026-05-27 15:45
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service.
Severity
4.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Assigner
References
Impacted products
15 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.126.08(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24199",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:28:04.539911Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:37:37.935Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Red Hat Enterprise Linux KVM",
"VMware vSphere(Cloud Gaming)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.08(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R535 vGPU 16)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:45:30.532Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24199"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24199"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24199",
"datePublished": "2026-05-26T17:18:50.759Z",
"dateReserved": "2026-01-21T19:09:34.080Z",
"dateUpdated": "2026-05-27T15:45:30.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24197 (GCVE-0-2026-24197)
Vulnerability from nvd – Published: 2026-05-26 17:19 – Updated: 2026-05-27 15:44
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1188 - Initialization of a Resource with an Insecure Default
Assigner
References
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.126.08(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.94(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
582.16(All versions prior to and including vGPU 19.4)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24197",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:53:48.535083Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:54:00.363Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R595 vGPU 20)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.08(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Azure Local",
"Windows Server(R595 vGPU 20)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.94(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Azure Local",
"Windows Server(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "582.16(All versions prior to and including vGPU 19.4)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Initialization of a Resource with an Insecure Default",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:44:16.401Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24197"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24197"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24197",
"datePublished": "2026-05-26T17:19:40.408Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:44:16.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24196 (GCVE-0-2026-24196)
Vulnerability from nvd – Published: 2026-05-26 17:20 – Updated: 2026-05-27 15:43
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability where a user could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to denial of service and information disclosure.
Severity
7.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24196",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:28:12.222207Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:37:24.065Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability where a user could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to denial of service and information disclosure."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability where a user could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to denial of service and information disclosure."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, information disclosure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:43:31.436Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24196"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24196"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24196",
"datePublished": "2026-05-26T17:20:25.479Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:43:31.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24195 (GCVE-0-2026-24195)
Vulnerability from nvd – Published: 2026-05-26 17:15 – Updated: 2026-05-26 18:38
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability in UVM, where a user could cause improper input validation. A successful exploit of this vulnerability might lead to denial of service.
Severity
7.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24195",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:27:42.793026Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:38:21.943Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability in UVM, where a user could cause improper input validation. A successful exploit of this vulnerability might lead to denial of service."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability in UVM, where a user could cause improper input validation. A successful exploit of this vulnerability might lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T17:15:30.817Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24195"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24195"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24195",
"datePublished": "2026-05-26T17:15:30.817Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-26T18:38:21.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24194 (GCVE-0-2026-24194)
Vulnerability from nvd – Published: 2026-05-26 17:24 – Updated: 2026-05-27 15:41
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability in a kernel mode layer handler, where a user could cause improper permission handling. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24194",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:56:05.890Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability in a kernel mode layer handler, where a user could cause improper permission handling. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability in a kernel mode layer handler, where a user could cause improper permission handling. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281 Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:41:55.643Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24194"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24194"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24194",
"datePublished": "2026-05-26T17:24:13.664Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:41:55.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24193 (GCVE-0-2026-24193)
Vulnerability from nvd – Published: 2026-05-26 17:21 – Updated: 2026-05-27 15:41
VLAI
Summary
NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
11 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected.
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 539.72
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24193",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:56:00.847Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected."
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:41:19.055Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24193"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24193"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24193",
"datePublished": "2026-05-26T17:21:42.334Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:41:19.055Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24192 (GCVE-0-2026-24192)
Vulnerability from nvd – Published: 2026-05-26 17:14 – Updated: 2026-05-27 15:40
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-681 - Incorrect Conversion between Numeric Types
Assigner
References
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.126.08(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24192",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:55:58.248Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Red Hat Enterprise Linux KVM",
"VMware vSphere(Cloud Gaming)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R595 vGPU 20)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.08(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R535 vGPU 16)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-681",
"description": "CWE-681 Incorrect Conversion between Numeric Types",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:40:46.679Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24192"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24192"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24192",
"datePublished": "2026-05-26T17:14:31.794Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:40:46.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24191 (GCVE-0-2026-24191)
Vulnerability from nvd – Published: 2026-05-26 17:23 – Updated: 2026-05-27 15:40
VLAI
Summary
NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Assigner
References
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected.
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Guest driver |
Affected:
595.97(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
582.16(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
539.64(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.94(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
582.16(All versions prior to and including vGPU 19.4)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24191",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:56:04.708Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected."
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.97(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "582.16(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "539.64(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Azure Local",
"Windows Server(R595 vGPU 20)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.94(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Azure Local",
"Windows Server(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "582.16(All versions prior to and including vGPU 19.4)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:40:06.029Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24191"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24191"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24191",
"datePublished": "2026-05-26T17:23:25.753Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:40:06.029Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24190 (GCVE-0-2026-24190)
Vulnerability from nvd – Published: 2026-05-26 17:22 – Updated: 2026-05-27 15:39
VLAI
Summary
NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GPU resources. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
17 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected.
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 539.72
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:56:03.201Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected."
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GPU resources. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GPU resources. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:39:23.833Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24190"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24190"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24190",
"datePublished": "2026-05-26T17:22:41.269Z",
"dateReserved": "2026-01-21T19:09:32.733Z",
"dateUpdated": "2026-05-27T15:39:23.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24187 (GCVE-0-2026-24187)
Vulnerability from nvd – Published: 2026-05-26 17:12 – Updated: 2026-05-27 15:38
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
17 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.126.08(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24187",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:55:57.057Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Red Hat Enterprise Linux KVM",
"VMware vSphere(Cloud Gaming)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R595 vGPU 20)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.08(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R535 vGPU 16)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:38:40.976Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24187"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24187"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24187",
"datePublished": "2026-05-26T17:12:42.081Z",
"dateReserved": "2026-01-21T19:09:32.733Z",
"dateUpdated": "2026-05-27T15:38:40.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24182 (GCVE-0-2026-24182)
Vulnerability from nvd – Published: 2026-05-26 17:16 – Updated: 2026-05-27 15:37
VLAI
Summary
NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-667 - Improper Locking
Assigner
References
Impacted products
25 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions up to and including the March 2026 release)
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 582.53. Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected.
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Guest driver |
Affected:
595.97(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
582.16(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
539.64(All versions prior to and including vGPU 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24182",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:27:51.095912Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:38:08.372Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Red Hat Enterprise Linux KVM",
"VMware vSphere(Cloud Gaming)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53. Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected."
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.97(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "582.16(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "539.64(All versions prior to and including vGPU 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service."
}
],
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-667",
"description": "CWE-667 Improper Locking",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:37:52.121Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24182"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24182"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24182",
"datePublished": "2026-05-26T17:16:42.147Z",
"dateReserved": "2026-01-21T19:09:32.732Z",
"dateUpdated": "2026-05-27T15:37:52.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-33221 (GCVE-0-2025-33221)
Vulnerability from nvd – Published: 2026-05-26 17:26 – Updated: 2026-05-27 15:36
VLAI
Summary
NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service.
Severity
4.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
24 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected.
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Guest driver |
Affected:
595.97(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
582.16(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
539.64(All versions prior to and including vGPU 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-33221",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:22:48.086550Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:35:34.507Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected."
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.97(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "582.16(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "539.64(All versions prior to and including vGPU 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service."
}
],
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Data tampering, denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:36:35.699Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33221"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33221"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2025-33221",
"datePublished": "2026-05-26T17:26:29.463Z",
"dateReserved": "2025-04-15T18:51:06.915Z",
"dateUpdated": "2026-05-27T15:36:35.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-0107 (GCVE-0-2024-0107)
Vulnerability from nvd – Published: 2024-08-08 16:57 – Updated: 2025-11-04 17:14
VLAI
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GPU Display Driver, vGPU Software, Cloud Gaming |
Affected:
All versions up to and including the June 2024 release
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0107",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T18:35:37.897108Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T18:36:36.982Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T17:14:08.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1956"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "GPU Display Driver, vGPU Software, Cloud Gaming",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions up to and including the June 2024 release"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.\u003c/span\u003e"
}
],
"value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Code execution, denial of service, escalation of privileges, information disclosure, data tampering"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T16:57:49.154Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5557"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2024-0107",
"datePublished": "2024-08-08T16:57:49.154Z",
"dateReserved": "2023-12-02T00:42:17.123Z",
"dateUpdated": "2025-11-04T17:14:08.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-0092 (GCVE-0-2024-0092)
Vulnerability from nvd – Published: 2024-06-13 21:23 – Updated: 2024-08-01 17:41
VLAI
Title
CVE
Summary
NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | GPU display driver, vGPU software, and Cloud Gaming |
Affected:
All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0092",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T16:45:14.826848Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T16:45:23.624Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:15.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5551"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GPU display driver, vGPU software, and Cloud Gaming",
"vendor": "nvidia",
"versions": [
{
"status": "affected",
"version": "All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service."
}
],
"value": "NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T21:23:30.327Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5551"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE"
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2024-0092",
"datePublished": "2024-06-13T21:23:30.327Z",
"dateReserved": "2023-12-02T00:42:01.816Z",
"dateUpdated": "2024-08-01T17:41:15.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-33221 (GCVE-0-2025-33221)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:26 – Updated: 2026-05-27 15:36
VLAI
Summary
NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service.
Severity
4.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
24 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected.
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Guest driver |
Affected:
595.97(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
582.16(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
539.64(All versions prior to and including vGPU 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-33221",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:22:48.086550Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:35:34.507Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected."
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.97(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "582.16(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "539.64(All versions prior to and including vGPU 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service."
}
],
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Data tampering, denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:36:35.699Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33221"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33221"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2025-33221",
"datePublished": "2026-05-26T17:26:29.463Z",
"dateReserved": "2025-04-15T18:51:06.915Z",
"dateUpdated": "2026-05-27T15:36:35.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24194 (GCVE-0-2026-24194)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:24 – Updated: 2026-05-27 15:41
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability in a kernel mode layer handler, where a user could cause improper permission handling. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24194",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:56:05.890Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability in a kernel mode layer handler, where a user could cause improper permission handling. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability in a kernel mode layer handler, where a user could cause improper permission handling. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281 Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:41:55.643Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24194"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24194"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24194",
"datePublished": "2026-05-26T17:24:13.664Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:41:55.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24191 (GCVE-0-2026-24191)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:23 – Updated: 2026-05-27 15:40
VLAI
Summary
NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Assigner
References
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected.
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Guest driver |
Affected:
595.97(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
582.16(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
539.64(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.94(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
582.16(All versions prior to and including vGPU 19.4)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24191",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:56:04.708Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected."
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.97(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "582.16(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "539.64(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Azure Local",
"Windows Server(R595 vGPU 20)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.94(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Azure Local",
"Windows Server(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "582.16(All versions prior to and including vGPU 19.4)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:40:06.029Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24191"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24191"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24191",
"datePublished": "2026-05-26T17:23:25.753Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:40:06.029Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24190 (GCVE-0-2026-24190)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:22 – Updated: 2026-05-27 15:39
VLAI
Summary
NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GPU resources. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
17 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected.
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 539.72
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:56:03.201Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected."
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GPU resources. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GPU resources. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:39:23.833Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24190"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24190"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24190",
"datePublished": "2026-05-26T17:22:41.269Z",
"dateReserved": "2026-01-21T19:09:32.733Z",
"dateUpdated": "2026-05-27T15:39:23.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24193 (GCVE-0-2026-24193)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:21 – Updated: 2026-05-27 15:41
VLAI
Summary
NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
11 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected.
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 539.72
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24193",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:56:00.847Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected."
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:41:19.055Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24193"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24193"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24193",
"datePublished": "2026-05-26T17:21:42.334Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:41:19.055Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24196 (GCVE-0-2026-24196)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:20 – Updated: 2026-05-27 15:43
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability where a user could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to denial of service and information disclosure.
Severity
7.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24196",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:28:12.222207Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:37:24.065Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability where a user could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to denial of service and information disclosure."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability where a user could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to denial of service and information disclosure."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, information disclosure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:43:31.436Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24196"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24196"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24196",
"datePublished": "2026-05-26T17:20:25.479Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:43:31.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24197 (GCVE-0-2026-24197)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:19 – Updated: 2026-05-27 15:44
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1188 - Initialization of a Resource with an Insecure Default
Assigner
References
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.126.08(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.94(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
582.16(All versions prior to and including vGPU 19.4)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24197",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:53:48.535083Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:54:00.363Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R595 vGPU 20)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.08(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Azure Local",
"Windows Server(R595 vGPU 20)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.94(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Azure Local",
"Windows Server(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "582.16(All versions prior to and including vGPU 19.4)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Initialization of a Resource with an Insecure Default",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:44:16.401Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24197"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24197"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24197",
"datePublished": "2026-05-26T17:19:40.408Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:44:16.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24199 (GCVE-0-2026-24199)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:18 – Updated: 2026-05-27 15:45
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service.
Severity
4.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Assigner
References
Impacted products
15 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.126.08(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24199",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:28:04.539911Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:37:37.935Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Red Hat Enterprise Linux KVM",
"VMware vSphere(Cloud Gaming)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.08(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R535 vGPU 16)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:45:30.532Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24199"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24199"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24199",
"datePublished": "2026-05-26T17:18:50.759Z",
"dateReserved": "2026-01-21T19:09:34.080Z",
"dateUpdated": "2026-05-27T15:45:30.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24182 (GCVE-0-2026-24182)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:16 – Updated: 2026-05-27 15:37
VLAI
Summary
NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-667 - Improper Locking
Assigner
References
Impacted products
25 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions up to and including the March 2026 release)
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 582.53. Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected.
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Guest driver |
Affected:
595.97(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
582.16(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
539.64(All versions prior to and including vGPU 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24182",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:27:51.095912Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:38:08.372Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Red Hat Enterprise Linux KVM",
"VMware vSphere(Cloud Gaming)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53. Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected."
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.97(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "582.16(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "539.64(All versions prior to and including vGPU 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service."
}
],
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-667",
"description": "CWE-667 Improper Locking",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:37:52.121Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24182"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24182"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24182",
"datePublished": "2026-05-26T17:16:42.147Z",
"dateReserved": "2026-01-21T19:09:32.732Z",
"dateUpdated": "2026-05-27T15:37:52.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24195 (GCVE-0-2026-24195)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:15 – Updated: 2026-05-26 18:38
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability in UVM, where a user could cause improper input validation. A successful exploit of this vulnerability might lead to denial of service.
Severity
7.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24195",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:27:42.793026Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:38:21.943Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability in UVM, where a user could cause improper input validation. A successful exploit of this vulnerability might lead to denial of service."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability in UVM, where a user could cause improper input validation. A successful exploit of this vulnerability might lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T17:15:30.817Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24195"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24195"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24195",
"datePublished": "2026-05-26T17:15:30.817Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-26T18:38:21.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24192 (GCVE-0-2026-24192)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:14 – Updated: 2026-05-27 15:40
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-681 - Incorrect Conversion between Numeric Types
Assigner
References
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.126.08(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24192",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:55:58.248Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Red Hat Enterprise Linux KVM",
"VMware vSphere(Cloud Gaming)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R595 vGPU 20)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.08(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R535 vGPU 16)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-681",
"description": "CWE-681 Incorrect Conversion between Numeric Types",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:40:46.679Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24192"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24192"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24192",
"datePublished": "2026-05-26T17:14:31.794Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:40:46.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24187 (GCVE-0-2026-24187)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:12 – Updated: 2026-05-27 15:38
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
17 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.126.08(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24187",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:55:57.057Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Red Hat Enterprise Linux KVM",
"VMware vSphere(Cloud Gaming)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R595 vGPU 20)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.08(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R535 vGPU 16)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:38:40.976Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24187"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24187"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24187",
"datePublished": "2026-05-26T17:12:42.081Z",
"dateReserved": "2026-01-21T19:09:32.733Z",
"dateUpdated": "2026-05-27T15:38:40.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-0107 (GCVE-0-2024-0107)
Vulnerability from cvelistv5 – Published: 2024-08-08 16:57 – Updated: 2025-11-04 17:14
VLAI
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GPU Display Driver, vGPU Software, Cloud Gaming |
Affected:
All versions up to and including the June 2024 release
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0107",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T18:35:37.897108Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T18:36:36.982Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T17:14:08.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1956"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "GPU Display Driver, vGPU Software, Cloud Gaming",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions up to and including the June 2024 release"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.\u003c/span\u003e"
}
],
"value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Code execution, denial of service, escalation of privileges, information disclosure, data tampering"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T16:57:49.154Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5557"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2024-0107",
"datePublished": "2024-08-08T16:57:49.154Z",
"dateReserved": "2023-12-02T00:42:17.123Z",
"dateUpdated": "2025-11-04T17:14:08.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-0092 (GCVE-0-2024-0092)
Vulnerability from cvelistv5 – Published: 2024-06-13 21:23 – Updated: 2024-08-01 17:41
VLAI
Title
CVE
Summary
NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | GPU display driver, vGPU software, and Cloud Gaming |
Affected:
All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0092",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T16:45:14.826848Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T16:45:23.624Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:15.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5551"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GPU display driver, vGPU software, and Cloud Gaming",
"vendor": "nvidia",
"versions": [
{
"status": "affected",
"version": "All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service."
}
],
"value": "NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T21:23:30.327Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5551"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE"
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2024-0092",
"datePublished": "2024-06-13T21:23:30.327Z",
"dateReserved": "2023-12-02T00:42:01.816Z",
"dateUpdated": "2024-08-01T17:41:15.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0091 (GCVE-0-2024-0091)
Vulnerability from cvelistv5 – Published: 2024-06-13 21:23 – Updated: 2024-08-01 17:41
VLAI
Title
CVE
Summary
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | GPU display driver, vGPU software, and Cloud Gaming |
Affected:
All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release
|
|
| nvidia | geforce |
Affected:
0 , < 555.99
(custom)
cpe:2.3:a:nvidia:geforce:555.99:*:*:*:*:*:*:* |
|
| nvidia | studio |
Affected:
0 , < 555.99
(custom)
cpe:2.3:a:nvidia:studio:555.99:*:*:*:*:*:*:* |
|
| nvidia | quadro_firmware |
Affected:
0 , < 555.99
(custom)
Affected: 0 , < 552.55 (custom) cpe:2.3:a:nvidia:quadro_firmware:555.99:*:*:*:*:*:*:* |
|
| nvidia | nvs_firmware |
Affected:
0 , < 555.99
(custom)
Affected: 0 , < 552.55 (custom) cpe:2.3:a:nvidia:nvs_firmware:555.99:*:*:*:*:*:*:* |
|
| nvidia | rtx |
Affected:
0 , < 555.99
(custom)
Affected: 0 , < 552.55 (custom) cpe:2.3:a:nvidia:rtx:555.99:*:*:*:*:*:*:* |
|
| nvidia | tesla |
Affected:
0 , < 552.55
(custom)
cpe:2.3:a:nvidia:tesla:552.55:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:nvidia:geforce:555.99:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "geforce",
"vendor": "nvidia",
"versions": [
{
"lessThan": "555.99",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nvidia:studio:555.99:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "studio",
"vendor": "nvidia",
"versions": [
{
"lessThan": "555.99",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nvidia:quadro_firmware:555.99:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "quadro_firmware",
"vendor": "nvidia",
"versions": [
{
"lessThan": "555.99",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "552.55",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nvidia:nvs_firmware:555.99:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nvs_firmware",
"vendor": "nvidia",
"versions": [
{
"lessThan": "555.99",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "552.55",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nvidia:rtx:555.99:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "rtx",
"vendor": "nvidia",
"versions": [
{
"lessThan": "555.99",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "552.55",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nvidia:tesla:552.55:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tesla",
"vendor": "nvidia",
"versions": [
{
"lessThan": "552.55",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0091",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-15T03:55:35.767Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:15.985Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5551"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GPU display driver, vGPU software, and Cloud Gaming",
"vendor": "nvidia",
"versions": [
{
"status": "affected",
"version": "All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering."
}
],
"value": "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, information disclosure, data tampering"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-822",
"description": "CWE-822",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T21:23:29.556Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5551"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE"
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2024-0091",
"datePublished": "2024-06-13T21:23:29.556Z",
"dateReserved": "2023-12-02T00:42:00.978Z",
"dateUpdated": "2024-08-01T17:41:15.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0089 (GCVE-0-2024-0089)
Vulnerability from cvelistv5 – Published: 2024-06-13 21:23 – Updated: 2024-08-01 17:41
VLAI
Title
CVE
Summary
NVIDIA GPU Display Driver for Windows contains a vulnerability where the information from a previous client or another process could be disclosed. A successful exploit of this vulnerability might lead to code execution, information disclosure, or data tampering.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | GPU display driver, vGPU software, and Cloud Gaming |
Affected:
All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release
|
|
| nvidia | geforce |
Affected:
0 , < 555.99
(custom)
cpe:2.3:a:nvidia:geforce:555.99:*:*:*:*:*:*:* |
|
| nvidia | studio |
Affected:
0 , < 555.99
(custom)
cpe:2.3:a:nvidia:studio:555.99:*:*:*:*:*:*:* |
|
| nvidia | quadro_firmware |
Affected:
0 , < 555.99
(custom)
Affected: 0 , < 552.55 (custom) cpe:2.3:a:nvidia:quadro_firmware:555.99:*:*:*:*:*:*:* |
|
| nvidia | nvs_firmware |
Affected:
0 , < 555.99
(custom)
Affected: 0 , < 552.55 (custom) cpe:2.3:a:nvidia:nvs_firmware:555.99:*:*:*:*:*:*:* |
|
| nvidia | rtx |
Affected:
0 , < 555.99
(custom)
Affected: 0 , < 552.55 (custom) cpe:2.3:a:nvidia:rtx:555.99:*:*:*:*:*:*:* |
|
| nvidia | tesla |
Affected:
0 , < 552.55
(custom)
cpe:2.3:a:nvidia:tesla:552.55:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:nvidia:geforce:555.99:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "geforce",
"vendor": "nvidia",
"versions": [
{
"lessThan": "555.99",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nvidia:studio:555.99:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "studio",
"vendor": "nvidia",
"versions": [
{
"lessThan": "555.99",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nvidia:quadro_firmware:555.99:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "quadro_firmware",
"vendor": "nvidia",
"versions": [
{
"lessThan": "555.99",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "552.55",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nvidia:nvs_firmware:555.99:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nvs_firmware",
"vendor": "nvidia",
"versions": [
{
"lessThan": "555.99",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "552.55",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nvidia:rtx:555.99:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "rtx",
"vendor": "nvidia",
"versions": [
{
"lessThan": "555.99",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "552.55",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:nvidia:tesla:552.55:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tesla",
"vendor": "nvidia",
"versions": [
{
"lessThan": "552.55",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0089",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-15T03:55:35.510137Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T12:53:30.805Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:15.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5551"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GPU display driver, vGPU software, and Cloud Gaming",
"vendor": "nvidia",
"versions": [
{
"status": "affected",
"version": "All versions up to and including 17.1, 16.5, 13.10, and the April 2024 release"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA GPU Display Driver for Windows contains a vulnerability where the information from a previous client or another process could be disclosed. A successful exploit of this vulnerability might lead to code execution, information disclosure, or data tampering."
}
],
"value": "NVIDIA GPU Display Driver for Windows contains a vulnerability where the information from a previous client or another process could be disclosed. A successful exploit of this vulnerability might lead to code execution, information disclosure, or data tampering."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Code execution, information disclosure, data tampering"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-665",
"description": "CWE-665",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T21:23:29.198Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5551"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE"
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2024-0089",
"datePublished": "2024-06-13T21:23:29.198Z",
"dateReserved": "2023-12-02T00:41:59.121Z",
"dateUpdated": "2024-08-01T17:41:15.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}