CVE-2026-24187
Received
Received - Intake
Use-After-Free in NVIDIA Linux Display Driver
Publication date: 2026-05-26
Last updated on: 2026-05-26
Assigner: NVIDIA Corporation
Description
Description
NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nvidia | display_driver | *-* |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-416 | The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-24187 is a vulnerability in the NVIDIA Display Driver for Linux involving a use-after-free condition. This means that the software improperly handles memory that has already been freed, which an attacker can exploit.
Exploiting this vulnerability could allow an attacker to cause various harmful effects such as denial of service, escalation of privileges, information disclosure, data tampering, and even arbitrary code execution.
How can this vulnerability impact me? :
If exploited, this vulnerability can have serious impacts including:
- Denial of service, which can disrupt normal operations.
- Escalation of privileges, allowing attackers to gain higher access rights.
- Information disclosure, potentially exposing sensitive data.
- Data tampering, which can compromise data integrity.
- Arbitrary code execution, enabling attackers to run malicious code.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70