CVE-2026-24199

Summary

NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service.

Affected Software

VendorProductVersion RangeStatus
NVIDIAGeForceAll driver versions prior to 595.71.05affected
NVIDIAGeForceAll driver versions prior to 580.159.03affected
NVIDIAGeForceAll driver versions prior to 535.309.01affected
NVIDIANVIDIA RTX, Quadro, NVSAll driver versions prior to 595.71.05affected
NVIDIANVIDIA RTX, Quadro, NVSAll driver versions prior to 580.159.03affected
NVIDIANVIDIA RTX, Quadro, NVSAll driver versions prior to 535.309.01affected
NVIDIATeslaAll driver versions prior to 595.71.05affected
NVIDIATeslaAll driver versions prior to 580.159.03affected
NVIDIATeslaAll driver versions prior to 535.309.01affected
NVIDIAGuest driver580.126.09(All versions prior to and including vGPU 19.4)affected
NVIDIAGuest driver535.288.01(All versions prior to and including vGPU 16.13)affected
NVIDIAGuest driver595.58.03(All versions up to and including the March 2026 release)affected
NVIDIAVirtual GPU Manager595.58.02(All versions up to and including the March 2026 release)affected
NVIDIAVirtual GPU Manager580.126.08(All versions prior to and including vGPU 19.4)affected
NVIDIAVirtual GPU Manager535.288.01(All versions prior to and including vGPU 16.13)affected

Weaknesses

  • CWE-362: CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References