Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
56 vulnerabilities found for GeForce by NVIDIA
CVE-2026-24199 (GCVE-0-2026-24199)
Vulnerability from nvd – Published: 2026-05-26 17:18 – Updated: 2026-05-27 15:45
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service.
Severity
4.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Assigner
References
Impacted products
15 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.126.08(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24199",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:28:04.539911Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:37:37.935Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Red Hat Enterprise Linux KVM",
"VMware vSphere(Cloud Gaming)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.08(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R535 vGPU 16)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:45:30.532Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24199"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24199"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24199",
"datePublished": "2026-05-26T17:18:50.759Z",
"dateReserved": "2026-01-21T19:09:34.080Z",
"dateUpdated": "2026-05-27T15:45:30.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24198 (GCVE-0-2026-24198)
Vulnerability from nvd – Published: 2026-05-26 17:17 – Updated: 2026-05-27 15:44
VLAI
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability where an advanced attacker could use a race condition to leak sensitive memory, which might cause limited exposure of sensitive information to an unauthorized actor. A successful exploit of this vulnerability might lead to denial of service, data tampering, and information disclosure.
Severity
5.6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24198",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:27:58.663079Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:37:53.125Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA GPU Display Driver for Linux contains a vulnerability where an advanced attacker could use a race condition to leak sensitive memory, which might cause limited exposure of sensitive information to an unauthorized actor. A successful exploit of this vulnerability might lead to denial of service, data tampering, and information disclosure."
}
],
"value": "NVIDIA GPU Display Driver for Linux contains a vulnerability where an advanced attacker could use a race condition to leak sensitive memory, which might cause limited exposure of sensitive information to an unauthorized actor. A successful exploit of this vulnerability might lead to denial of service, data tampering, and information disclosure."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, data tampering, information disclosure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:44:45.771Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24198"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24198"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24198",
"datePublished": "2026-05-26T17:17:54.052Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:44:45.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24197 (GCVE-0-2026-24197)
Vulnerability from nvd – Published: 2026-05-26 17:19 – Updated: 2026-05-27 15:44
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1188 - Initialization of a Resource with an Insecure Default
Assigner
References
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.126.08(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.94(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
582.16(All versions prior to and including vGPU 19.4)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24197",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:53:48.535083Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:54:00.363Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R595 vGPU 20)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.08(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Azure Local",
"Windows Server(R595 vGPU 20)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.94(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Azure Local",
"Windows Server(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "582.16(All versions prior to and including vGPU 19.4)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Initialization of a Resource with an Insecure Default",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:44:16.401Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24197"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24197"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24197",
"datePublished": "2026-05-26T17:19:40.408Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:44:16.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24196 (GCVE-0-2026-24196)
Vulnerability from nvd – Published: 2026-05-26 17:20 – Updated: 2026-05-27 15:43
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability where a user could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to denial of service and information disclosure.
Severity
7.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24196",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:28:12.222207Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:37:24.065Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability where a user could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to denial of service and information disclosure."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability where a user could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to denial of service and information disclosure."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, information disclosure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:43:31.436Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24196"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24196"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24196",
"datePublished": "2026-05-26T17:20:25.479Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:43:31.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24194 (GCVE-0-2026-24194)
Vulnerability from nvd – Published: 2026-05-26 17:24 – Updated: 2026-05-27 15:41
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability in a kernel mode layer handler, where a user could cause improper permission handling. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24194",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:56:05.890Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability in a kernel mode layer handler, where a user could cause improper permission handling. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability in a kernel mode layer handler, where a user could cause improper permission handling. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281 Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:41:55.643Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24194"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24194"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24194",
"datePublished": "2026-05-26T17:24:13.664Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:41:55.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24193 (GCVE-0-2026-24193)
Vulnerability from nvd – Published: 2026-05-26 17:21 – Updated: 2026-05-27 15:41
VLAI
Summary
NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
11 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected.
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 539.72
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24193",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:56:00.847Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected."
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:41:19.055Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24193"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24193"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24193",
"datePublished": "2026-05-26T17:21:42.334Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:41:19.055Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24192 (GCVE-0-2026-24192)
Vulnerability from nvd – Published: 2026-05-26 17:14 – Updated: 2026-05-27 15:40
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-681 - Incorrect Conversion between Numeric Types
Assigner
References
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.126.08(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24192",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:55:58.248Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Red Hat Enterprise Linux KVM",
"VMware vSphere(Cloud Gaming)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R595 vGPU 20)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.08(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R535 vGPU 16)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-681",
"description": "CWE-681 Incorrect Conversion between Numeric Types",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:40:46.679Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24192"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24192"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24192",
"datePublished": "2026-05-26T17:14:31.794Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:40:46.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24191 (GCVE-0-2026-24191)
Vulnerability from nvd – Published: 2026-05-26 17:23 – Updated: 2026-05-27 15:40
VLAI
Summary
NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Assigner
References
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected.
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Guest driver |
Affected:
595.97(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
582.16(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
539.64(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.94(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
582.16(All versions prior to and including vGPU 19.4)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24191",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:56:04.708Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected."
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.97(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "582.16(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "539.64(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Azure Local",
"Windows Server(R595 vGPU 20)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.94(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Azure Local",
"Windows Server(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "582.16(All versions prior to and including vGPU 19.4)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:40:06.029Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24191"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24191"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24191",
"datePublished": "2026-05-26T17:23:25.753Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:40:06.029Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24190 (GCVE-0-2026-24190)
Vulnerability from nvd – Published: 2026-05-26 17:22 – Updated: 2026-05-27 15:39
VLAI
Summary
NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GPU resources. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
17 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected.
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 539.72
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:56:03.201Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected."
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GPU resources. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GPU resources. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:39:23.833Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24190"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24190"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24190",
"datePublished": "2026-05-26T17:22:41.269Z",
"dateReserved": "2026-01-21T19:09:32.733Z",
"dateUpdated": "2026-05-27T15:39:23.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24187 (GCVE-0-2026-24187)
Vulnerability from nvd – Published: 2026-05-26 17:12 – Updated: 2026-05-27 15:38
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
17 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.126.08(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24187",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:55:57.057Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Red Hat Enterprise Linux KVM",
"VMware vSphere(Cloud Gaming)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R595 vGPU 20)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.08(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R535 vGPU 16)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:38:40.976Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24187"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24187"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24187",
"datePublished": "2026-05-26T17:12:42.081Z",
"dateReserved": "2026-01-21T19:09:32.733Z",
"dateUpdated": "2026-05-27T15:38:40.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24182 (GCVE-0-2026-24182)
Vulnerability from nvd – Published: 2026-05-26 17:16 – Updated: 2026-05-27 15:37
VLAI
Summary
NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-667 - Improper Locking
Assigner
References
Impacted products
25 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions up to and including the March 2026 release)
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 582.53. Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected.
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Guest driver |
Affected:
595.97(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
582.16(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
539.64(All versions prior to and including vGPU 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24182",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:27:51.095912Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:38:08.372Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Red Hat Enterprise Linux KVM",
"VMware vSphere(Cloud Gaming)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53. Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected."
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.97(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "582.16(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "539.64(All versions prior to and including vGPU 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service."
}
],
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-667",
"description": "CWE-667 Improper Locking",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:37:52.121Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24182"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24182"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24182",
"datePublished": "2026-05-26T17:16:42.147Z",
"dateReserved": "2026-01-21T19:09:32.732Z",
"dateUpdated": "2026-05-27T15:37:52.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-33221 (GCVE-0-2025-33221)
Vulnerability from nvd – Published: 2026-05-26 17:26 – Updated: 2026-05-27 15:36
VLAI
Summary
NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service.
Severity
4.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
24 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected.
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Guest driver |
Affected:
595.97(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
582.16(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
539.64(All versions prior to and including vGPU 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-33221",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:22:48.086550Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:35:34.507Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected."
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.97(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "582.16(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "539.64(All versions prior to and including vGPU 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service."
}
],
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Data tampering, denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:36:35.699Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33221"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33221"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2025-33221",
"datePublished": "2026-05-26T17:26:29.463Z",
"dateReserved": "2025-04-15T18:51:06.915Z",
"dateUpdated": "2026-05-27T15:36:35.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-33237 (GCVE-0-2025-33237)
Vulnerability from nvd – Published: 2026-01-28 17:49 – Updated: 2026-01-28 18:02
VLAI
Summary
NVIDIA HD Audio Driver for Windows contains a vulnerability where an attacker could exploit a NULL pointer dereference issue. A successful exploit of this vulnerability might lead to a denial of service.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 1.4.5.7
|
|
| NVIDIA | RTX, Quadro, NVS |
Affected:
All driver versions prior to 1.4.5.7
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-33237",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-28T18:02:05.399768Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-28T18:02:25.586Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R590)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 1.4.5.7"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R590)"
],
"product": "RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 1.4.5.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA HD Audio Driver for Windows contains a vulnerability where an attacker could exploit a NULL pointer dereference issue. A successful exploit of this vulnerability might lead to a denial of service."
}
],
"value": "NVIDIA HD Audio Driver for Windows contains a vulnerability where an attacker could exploit a NULL pointer dereference issue. A successful exploit of this vulnerability might lead to a denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-28T17:49:02.521Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33237"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33237"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5747"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2025-33237",
"datePublished": "2026-01-28T17:49:02.521Z",
"dateReserved": "2025-04-15T18:51:08.191Z",
"dateUpdated": "2026-01-28T18:02:25.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-33220 (GCVE-0-2025-33220)
Vulnerability from nvd – Published: 2026-01-28 17:48 – Updated: 2026-02-26 15:04
VLAI
Summary
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause heap memory access after the memory is freed. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
15 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 590.48.01
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.126.09
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 570.211.01
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.288.01
|
|
| NVIDIA | RTX PRO, RTX, Quadro |
Affected:
All driver versions prior to 590.48.01
|
|
| NVIDIA | RTX PRO, RTX, Quadro |
Affected:
All driver versions prior to 580.126.09
|
|
| NVIDIA | RTX PRO, RTX, Quadro |
Affected:
All driver versions prior to 570.211.01
|
|
| NVIDIA | RTX PRO, RTX, Quadro |
Affected:
All driver versions prior to 535.288.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 590.48.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.126.09
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 570.211.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.288.01
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.105.06(All versions prior to and including vGPU software 19.3)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
570.195.02(All versions prior to and including vGPU software 18.5)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
535.274.03(All versions prior to and including vGPU software 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-33220",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-29T04:55:54.370394Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:04:45.953Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R590)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 590.48.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.126.09"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.211.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.288.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R590)"
],
"product": "RTX PRO, RTX, Quadro",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 590.48.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "RTX PRO, RTX, Quadro",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.126.09"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "RTX PRO, RTX, Quadro",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.211.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "RTX PRO, RTX, Quadro",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.288.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R590)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 590.48.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.126.09"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.211.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.288.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.105.06(All versions prior to and including vGPU software 19.3)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(vGPU 18)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "570.195.02(All versions prior to and including vGPU software 18.5)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(vGPU 16)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.274.03(All versions prior to and including vGPU software 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause heap memory access after the memory is freed. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure."
}
],
"value": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause heap memory access after the memory is freed. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Code execution, escalation of privileges, data tampering, denial of service, information disclosure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-28T17:48:40.752Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33220"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33220"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5747"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2025-33220",
"datePublished": "2026-01-28T17:48:40.752Z",
"dateReserved": "2025-04-15T18:51:06.915Z",
"dateUpdated": "2026-02-26T15:04:45.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-33219 (GCVE-0-2025-33219)
Vulnerability from nvd – Published: 2026-01-28 17:48 – Updated: 2026-02-26 15:04
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
Impacted products
20 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 590.48.01
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.126.09
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 570.211.01
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.288.01
|
|
| NVIDIA | RTX PRO, RTX, Quadro |
Affected:
All driver versions prior to 590.48.01
|
|
| NVIDIA | RTX PRO, RTX, Quadro |
Affected:
All driver versions prior to 580.126.09
|
|
| NVIDIA | RTX PRO, RTX, Quadro |
Affected:
All driver versions prior to 570.211.01
|
|
| NVIDIA | RTX PRO, RTX, Quadro |
Affected:
All driver versions prior to 535.288.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 590.48.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.126.09
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 570.211.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.288.01
|
|
| NVIDIA | Guest driver |
Affected:
580.105.08(All versions prior to and including vGPU software 19.3)
|
|
| NVIDIA | Guest driver |
Affected:
570.195.03(All versions prior to and including vGPU software 18.5)
|
|
| NVIDIA | Guest driver |
Affected:
535.274.02(All versions prior to and including vGPU software 16.12)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.105.06(All versions prior to and including vGPU software 19.3)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
570.195.02(All versions prior to and including vGPU software 18.5)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
535.274.03(All versions prior to and including vGPU software 16.12)
|
|
| NVIDIA | Guest driver |
Affected:
580.105.08(All versions up to and including the November 2025 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.105.06(All versions up to and including the November 2025 release)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-33219",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-29T04:55:53.249554Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:04:46.284Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R590)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 590.48.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.126.09"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.211.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.288.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R590)"
],
"product": "RTX PRO, RTX, Quadro",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 590.48.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "RTX PRO, RTX, Quadro",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.126.09"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "RTX PRO, RTX, Quadro",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.211.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "RTX PRO, RTX, Quadro",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.288.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R590)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 590.48.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.126.09"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.211.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.288.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.105.08(All versions prior to and including vGPU software 19.3)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570 vGPU 18)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "570.195.03(All versions prior to and including vGPU software 18.5)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.274.02(All versions prior to and including vGPU software 16.12)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.105.06(All versions prior to and including vGPU software 19.3)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(vGPU 18)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "570.195.02(All versions prior to and including vGPU software 18.5)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(vGPU 16)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.274.03(All versions prior to and including vGPU software 16.12)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.105.08(All versions up to and including the November 2025 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Red Hat Enterprise Linux KVM",
"VMware vSphere(Gaming)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.105.06(All versions up to and including the November 2025 release)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Code execution, escalation of privileges, data tampering, denial of service, information disclosure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-28T17:48:07.106Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33219"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33219"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5747"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2025-33219",
"datePublished": "2026-01-28T17:48:07.106Z",
"dateReserved": "2025-04-15T18:51:06.915Z",
"dateUpdated": "2026-02-26T15:04:46.284Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-33221 (GCVE-0-2025-33221)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:26 – Updated: 2026-05-27 15:36
VLAI
Summary
NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service.
Severity
4.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
24 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected.
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Guest driver |
Affected:
595.97(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
582.16(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
539.64(All versions prior to and including vGPU 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-33221",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:22:48.086550Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:35:34.507Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected."
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.97(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "582.16(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "539.64(All versions prior to and including vGPU 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service."
}
],
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Data tampering, denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:36:35.699Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33221"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33221"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2025-33221",
"datePublished": "2026-05-26T17:26:29.463Z",
"dateReserved": "2025-04-15T18:51:06.915Z",
"dateUpdated": "2026-05-27T15:36:35.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24194 (GCVE-0-2026-24194)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:24 – Updated: 2026-05-27 15:41
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability in a kernel mode layer handler, where a user could cause improper permission handling. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24194",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:56:05.890Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability in a kernel mode layer handler, where a user could cause improper permission handling. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability in a kernel mode layer handler, where a user could cause improper permission handling. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281 Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:41:55.643Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24194"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24194"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24194",
"datePublished": "2026-05-26T17:24:13.664Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:41:55.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24191 (GCVE-0-2026-24191)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:23 – Updated: 2026-05-27 15:40
VLAI
Summary
NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Assigner
References
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected.
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Guest driver |
Affected:
595.97(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
582.16(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
539.64(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.94(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
582.16(All versions prior to and including vGPU 19.4)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24191",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:56:04.708Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected."
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.97(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "582.16(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "539.64(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Azure Local",
"Windows Server(R595 vGPU 20)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.94(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Azure Local",
"Windows Server(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "582.16(All versions prior to and including vGPU 19.4)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:40:06.029Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24191"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24191"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24191",
"datePublished": "2026-05-26T17:23:25.753Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:40:06.029Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24190 (GCVE-0-2026-24190)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:22 – Updated: 2026-05-27 15:39
VLAI
Summary
NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GPU resources. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
17 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected.
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 539.72
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:56:03.201Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected."
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GPU resources. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GPU resources. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:39:23.833Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24190"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24190"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24190",
"datePublished": "2026-05-26T17:22:41.269Z",
"dateReserved": "2026-01-21T19:09:32.733Z",
"dateUpdated": "2026-05-27T15:39:23.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24193 (GCVE-0-2026-24193)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:21 – Updated: 2026-05-27 15:41
VLAI
Summary
NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
11 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected.
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 539.72
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24193",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:56:00.847Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected."
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:41:19.055Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24193"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24193"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24193",
"datePublished": "2026-05-26T17:21:42.334Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:41:19.055Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24196 (GCVE-0-2026-24196)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:20 – Updated: 2026-05-27 15:43
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability where a user could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to denial of service and information disclosure.
Severity
7.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24196",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:28:12.222207Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:37:24.065Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability where a user could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to denial of service and information disclosure."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability where a user could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to denial of service and information disclosure."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, information disclosure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:43:31.436Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24196"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24196"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24196",
"datePublished": "2026-05-26T17:20:25.479Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:43:31.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24197 (GCVE-0-2026-24197)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:19 – Updated: 2026-05-27 15:44
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1188 - Initialization of a Resource with an Insecure Default
Assigner
References
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.126.08(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.94(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
582.16(All versions prior to and including vGPU 19.4)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24197",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:53:48.535083Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:54:00.363Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R595 vGPU 20)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.08(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Azure Local",
"Windows Server(R595 vGPU 20)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.94(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Azure Local",
"Windows Server(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "582.16(All versions prior to and including vGPU 19.4)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Initialization of a Resource with an Insecure Default",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:44:16.401Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24197"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24197"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24197",
"datePublished": "2026-05-26T17:19:40.408Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:44:16.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24199 (GCVE-0-2026-24199)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:18 – Updated: 2026-05-27 15:45
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service.
Severity
4.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Assigner
References
Impacted products
15 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.126.08(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24199",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:28:04.539911Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:37:37.935Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Red Hat Enterprise Linux KVM",
"VMware vSphere(Cloud Gaming)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.08(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R535 vGPU 16)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:45:30.532Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24199"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24199"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24199",
"datePublished": "2026-05-26T17:18:50.759Z",
"dateReserved": "2026-01-21T19:09:34.080Z",
"dateUpdated": "2026-05-27T15:45:30.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24198 (GCVE-0-2026-24198)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:17 – Updated: 2026-05-27 15:44
VLAI
Summary
NVIDIA GPU Display Driver for Linux contains a vulnerability where an advanced attacker could use a race condition to leak sensitive memory, which might cause limited exposure of sensitive information to an unauthorized actor. A successful exploit of this vulnerability might lead to denial of service, data tampering, and information disclosure.
Severity
5.6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24198",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:27:58.663079Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:37:53.125Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA GPU Display Driver for Linux contains a vulnerability where an advanced attacker could use a race condition to leak sensitive memory, which might cause limited exposure of sensitive information to an unauthorized actor. A successful exploit of this vulnerability might lead to denial of service, data tampering, and information disclosure."
}
],
"value": "NVIDIA GPU Display Driver for Linux contains a vulnerability where an advanced attacker could use a race condition to leak sensitive memory, which might cause limited exposure of sensitive information to an unauthorized actor. A successful exploit of this vulnerability might lead to denial of service, data tampering, and information disclosure."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, data tampering, information disclosure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:44:45.771Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24198"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24198"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24198",
"datePublished": "2026-05-26T17:17:54.052Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:44:45.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24182 (GCVE-0-2026-24182)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:16 – Updated: 2026-05-27 15:37
VLAI
Summary
NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-667 - Improper Locking
Assigner
References
Impacted products
25 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions up to and including the March 2026 release)
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 582.53. Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected.
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 596.36
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 582.53
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 539.72
|
|
| NVIDIA | Guest driver |
Affected:
595.97(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
582.16(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
539.64(All versions prior to and including vGPU 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24182",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:27:51.095912Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:38:08.372Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Red Hat Enterprise Linux KVM",
"VMware vSphere(Cloud Gaming)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53. Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected."
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 596.36"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 582.53"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 539.72"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.97(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "582.16(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "539.64(All versions prior to and including vGPU 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service."
}
],
"value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-667",
"description": "CWE-667 Improper Locking",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:37:52.121Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24182"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24182"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24182",
"datePublished": "2026-05-26T17:16:42.147Z",
"dateReserved": "2026-01-21T19:09:32.732Z",
"dateUpdated": "2026-05-27T15:37:52.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24192 (GCVE-0-2026-24192)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:14 – Updated: 2026-05-27 15:40
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-681 - Incorrect Conversion between Numeric Types
Assigner
References
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.126.08(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24192",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:55:58.248Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Red Hat Enterprise Linux KVM",
"VMware vSphere(Cloud Gaming)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R595 vGPU 20)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.08(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R535 vGPU 16)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-681",
"description": "CWE-681 Incorrect Conversion between Numeric Types",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:40:46.679Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24192"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24192"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24192",
"datePublished": "2026-05-26T17:14:31.794Z",
"dateReserved": "2026-01-21T19:09:34.079Z",
"dateUpdated": "2026-05-27T15:40:46.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-24187 (GCVE-0-2026-24187)
Vulnerability from cvelistv5 – Published: 2026-05-26 17:12 – Updated: 2026-05-27 15:38
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
17 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | NVIDIA RTX, Quadro, NVS |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 595.71.05
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.159.03
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.309.01
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Guest driver |
Affected:
580.126.09(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Guest driver |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
|
| NVIDIA | Guest driver |
Affected:
595.58.03(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions up to and including the March 2026 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
595.58.02(All versions prior to and including vGPU 20.0)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.126.08(All versions prior to and including vGPU 19.4)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
535.288.01(All versions prior to and including vGPU 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-24187",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:55:57.057Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "NVIDIA RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 595.71.05"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.159.03"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.309.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R595 vGPU 20)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.09(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Cloud Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.03(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Red Hat Enterprise Linux KVM",
"VMware vSphere(Cloud Gaming)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions up to and including the March 2026 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R595 vGPU 20)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "595.58.02(All versions prior to and including vGPU 20.0)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R580 vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.126.08(All versions prior to and including vGPU 19.4)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(R535 vGPU 16)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.288.01(All versions prior to and including vGPU 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, escalation of privileges, information disclosure, data tampering, code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:38:40.976Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24187"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24187"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2026-24187",
"datePublished": "2026-05-26T17:12:42.081Z",
"dateReserved": "2026-01-21T19:09:32.733Z",
"dateUpdated": "2026-05-27T15:38:40.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-33237 (GCVE-0-2025-33237)
Vulnerability from cvelistv5 – Published: 2026-01-28 17:49 – Updated: 2026-01-28 18:02
VLAI
Summary
NVIDIA HD Audio Driver for Windows contains a vulnerability where an attacker could exploit a NULL pointer dereference issue. A successful exploit of this vulnerability might lead to a denial of service.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 1.4.5.7
|
|
| NVIDIA | RTX, Quadro, NVS |
Affected:
All driver versions prior to 1.4.5.7
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-33237",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-28T18:02:05.399768Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-28T18:02:25.586Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R590)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 1.4.5.7"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows(R590)"
],
"product": "RTX, Quadro, NVS",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 1.4.5.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA HD Audio Driver for Windows contains a vulnerability where an attacker could exploit a NULL pointer dereference issue. A successful exploit of this vulnerability might lead to a denial of service."
}
],
"value": "NVIDIA HD Audio Driver for Windows contains a vulnerability where an attacker could exploit a NULL pointer dereference issue. A successful exploit of this vulnerability might lead to a denial of service."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-28T17:49:02.521Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33237"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33237"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5747"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2025-33237",
"datePublished": "2026-01-28T17:49:02.521Z",
"dateReserved": "2025-04-15T18:51:08.191Z",
"dateUpdated": "2026-01-28T18:02:25.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-33220 (GCVE-0-2025-33220)
Vulnerability from cvelistv5 – Published: 2026-01-28 17:48 – Updated: 2026-02-26 15:04
VLAI
Summary
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause heap memory access after the memory is freed. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
15 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 590.48.01
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.126.09
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 570.211.01
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.288.01
|
|
| NVIDIA | RTX PRO, RTX, Quadro |
Affected:
All driver versions prior to 590.48.01
|
|
| NVIDIA | RTX PRO, RTX, Quadro |
Affected:
All driver versions prior to 580.126.09
|
|
| NVIDIA | RTX PRO, RTX, Quadro |
Affected:
All driver versions prior to 570.211.01
|
|
| NVIDIA | RTX PRO, RTX, Quadro |
Affected:
All driver versions prior to 535.288.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 590.48.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.126.09
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 570.211.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.288.01
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.105.06(All versions prior to and including vGPU software 19.3)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
570.195.02(All versions prior to and including vGPU software 18.5)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
535.274.03(All versions prior to and including vGPU software 16.13)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-33220",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-29T04:55:54.370394Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:04:45.953Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R590)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 590.48.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.126.09"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.211.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.288.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R590)"
],
"product": "RTX PRO, RTX, Quadro",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 590.48.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "RTX PRO, RTX, Quadro",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.126.09"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "RTX PRO, RTX, Quadro",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.211.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "RTX PRO, RTX, Quadro",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.288.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R590)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 590.48.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.126.09"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.211.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.288.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.105.06(All versions prior to and including vGPU software 19.3)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(vGPU 18)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "570.195.02(All versions prior to and including vGPU software 18.5)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(vGPU 16)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.274.03(All versions prior to and including vGPU software 16.13)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause heap memory access after the memory is freed. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure."
}
],
"value": "NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause heap memory access after the memory is freed. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Code execution, escalation of privileges, data tampering, denial of service, information disclosure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-28T17:48:40.752Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33220"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33220"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5747"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2025-33220",
"datePublished": "2026-01-28T17:48:40.752Z",
"dateReserved": "2025-04-15T18:51:06.915Z",
"dateUpdated": "2026-02-26T15:04:45.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-33219 (GCVE-0-2025-33219)
Vulnerability from cvelistv5 – Published: 2026-01-28 17:48 – Updated: 2026-02-26 15:04
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
Impacted products
20 products
| Vendor | Product | Version | |
|---|---|---|---|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 590.48.01
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 580.126.09
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 570.211.01
|
|
| NVIDIA | GeForce |
Affected:
All driver versions prior to 535.288.01
|
|
| NVIDIA | RTX PRO, RTX, Quadro |
Affected:
All driver versions prior to 590.48.01
|
|
| NVIDIA | RTX PRO, RTX, Quadro |
Affected:
All driver versions prior to 580.126.09
|
|
| NVIDIA | RTX PRO, RTX, Quadro |
Affected:
All driver versions prior to 570.211.01
|
|
| NVIDIA | RTX PRO, RTX, Quadro |
Affected:
All driver versions prior to 535.288.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 590.48.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 580.126.09
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 570.211.01
|
|
| NVIDIA | Tesla |
Affected:
All driver versions prior to 535.288.01
|
|
| NVIDIA | Guest driver |
Affected:
580.105.08(All versions prior to and including vGPU software 19.3)
|
|
| NVIDIA | Guest driver |
Affected:
570.195.03(All versions prior to and including vGPU software 18.5)
|
|
| NVIDIA | Guest driver |
Affected:
535.274.02(All versions prior to and including vGPU software 16.12)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.105.06(All versions prior to and including vGPU software 19.3)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
570.195.02(All versions prior to and including vGPU software 18.5)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
535.274.03(All versions prior to and including vGPU software 16.12)
|
|
| NVIDIA | Guest driver |
Affected:
580.105.08(All versions up to and including the November 2025 release)
|
|
| NVIDIA | Virtual GPU Manager |
Affected:
580.105.06(All versions up to and including the November 2025 release)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-33219",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-29T04:55:53.249554Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:04:46.284Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R590)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 590.48.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.126.09"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.211.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "GeForce",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.288.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R590)"
],
"product": "RTX PRO, RTX, Quadro",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 590.48.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "RTX PRO, RTX, Quadro",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.126.09"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "RTX PRO, RTX, Quadro",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.211.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "RTX PRO, RTX, Quadro",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.288.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R590)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 590.48.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 580.126.09"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 570.211.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535)"
],
"product": "Tesla",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All driver versions prior to 535.288.01"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R580 vGPU 19)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.105.08(All versions prior to and including vGPU software 19.3)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R570 vGPU 18)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "570.195.03(All versions prior to and including vGPU software 18.5)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(R535 vGPU 16)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.274.02(All versions prior to and including vGPU software 16.12)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(vGPU 19)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.105.06(All versions prior to and including vGPU software 19.3)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(vGPU 18)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "570.195.02(All versions prior to and including vGPU software 18.5)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"XenServer",
"VMware vSphere",
"Red Hat Enterprise Linux KVM",
"Ubuntu(vGPU 16)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "535.274.03(All versions prior to and including vGPU software 16.12)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux(Gaming)"
],
"product": "Guest driver",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.105.08(All versions up to and including the November 2025 release)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Red Hat Enterprise Linux KVM",
"VMware vSphere(Gaming)"
],
"product": "Virtual GPU Manager",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "580.105.06(All versions up to and including the November 2025 release)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure."
}
],
"value": "NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Code execution, escalation of privileges, data tampering, denial of service, information disclosure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-28T17:48:07.106Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33219"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33219"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5747"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "NVIDIA PSIRT"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2025-33219",
"datePublished": "2026-01-28T17:48:07.106Z",
"dateReserved": "2025-04-15T18:51:06.915Z",
"dateUpdated": "2026-02-26T15:04:46.284Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}