NVIDIA Display Driver CVE-2026-24197

EUVD: EUVD-2026-31926 | MEDIUM
Initialization of a Resource with an Insecure Default (CWE-1188)
2026-05-26 nvidia GHSA-fmw6-8h3h-292c
6.5
CVSS 3.1 · Vendor: nvidia

Severity by source

Vendor (nvidia), PRIMARY: 6.5 MEDIUM, AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
SUSE: MEDIUM (qualitative)

Primary rating from Vendor (nvidia).

CVSS Vector (Vendor: nvidia)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: None
Integrity: None
Availability: High

Lifecycle Timeline

Analysis Generated: Jun 08, 2026 - 12:37 (vuln.today)
CVE Published: May 26, 2026 - 17:19 (nvd), MEDIUM 6.5

Description (CVE.org)

NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service.

Analysis (AI)

NVIDIA Display Driver for Linux exposes a denial-of-service condition in the Multi-Instance GPU (MIG) partition management subsystem, rooted in insecure default initialization of memory subsystem routing resources (CWE-1188). A local authenticated user - with low privileges on a Linux system running MIG-enabled Tesla, GeForce, RTX/Quadro/NVS, or Virtual GPU Manager driver branches - can trigger a hang or data corruption during partition reconfiguration, potentially disrupting all GPU workloads sharing the affected physical GPU. …

Attack Chain (AI, derived)

Hypothetical attack flow derived from CVE metadata

Access: Gain local access to MIG-enabled Linux host
Delivery: Identify active MIG GPU partition configuration
Exploit: Invoke partition reconfiguration via NVIDIA management interface
Execution: Trigger uninitialized memory subsystem routing resources
Persist: Cause GPU driver hang or data corruption
Impact: Deny GPU compute access to all co-tenant MIG instances

Vulnerability Assessment (AI)

Exploitation: The MIG (Multi-Instance GPU) feature must be actively enabled on the NVIDIA GPU; this is a non-default configuration that requires explicit administrator enablement via nvidia-smi and is primarily deployed in data center and virtualized environments (Tesla/A100/H100 class hardware). …

Risk Assessment: The CVSS 6.5 Medium score reflects a local attack vector (AV:L), low complexity (AC:L), low privilege requirement (PR:L), no user interaction (UI:N), changed scope (S:C), and high availability impact (A:H) with no confidentiality or integrity impact. …

Exploit Scenario: A low-privileged local user or container process on a Linux host with MIG-enabled NVIDIA GPUs invokes NVIDIA management APIs or driver ioctls to trigger a MIG partition reconfiguration event. Due to uninitialized memory subsystem routing resources, the GPU driver enters a corrupt or hung state during reconfiguration, crashing or stalling the GPU instance along with all co-resident MIG partitions on the same physical device - denying GPU compute access to all other tenants sharing that GPU. …

Remediation: Apply the NVIDIA-released patched drivers available via the NVIDIA security advisory at https://nvidia.custhelp.com/app/answers/detail/a_id/5821. …

Vendor Status

SUSE

Severity: Medium
Product: Status
SUSE Linux Enterprise Desktop 15 SP7: Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7: Fixed
SUSE Linux Enterprise Micro 5.3: Fixed
