CVE-2026-24197

Summary

NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service.

Affected Software

VendorProductVersion RangeStatus
NVIDIAGeForceAll driver versions prior to 595.71.05affected
NVIDIAGeForceAll driver versions prior to 580.159.03affected
NVIDIAGeForceAll driver versions prior to 535.309.01affected
NVIDIANVIDIA RTX, Quadro, NVSAll driver versions prior to 595.71.05affected
NVIDIANVIDIA RTX, Quadro, NVSAll driver versions prior to 580.159.03affected
NVIDIANVIDIA RTX, Quadro, NVSAll driver versions prior to 535.309.01affected
NVIDIATeslaAll driver versions prior to 595.71.05affected
NVIDIATeslaAll driver versions prior to 580.159.03affected
NVIDIATeslaAll driver versions prior to 535.309.01affected
NVIDIAVirtual GPU Manager595.58.02(All versions prior to and including vGPU 20.0)affected
NVIDIAVirtual GPU Manager580.126.08(All versions prior to and including vGPU 19.4)affected
NVIDIAVirtual GPU Manager595.94(All versions prior to and including vGPU 20.0)affected
NVIDIAVirtual GPU Manager582.16(All versions prior to and including vGPU 19.4)affected

Weaknesses

  • CWE-1188: CWE-1188 Initialization of a Resource with an Insecure Default

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References