CVE-2026-24192
Analyzed Analyzed - Analysis Complete
NVIDIA Linux Display Driver Type Conversion Heap Overflow

Publication date: 2026-05-26

Last updated on: 2026-06-11

Assigner: NVIDIA Corporation

Description
NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-26
Last Modified
2026-06-11
Generated
2026-06-16
AI Q&A
2026-05-26
EPSS Evaluated
2026-06-14
NVD
CVE-2026-24192
EUVD
EUVD-2026-31920
Affected Vendors & Products
Showing 6 associated CPEs
Vendor Product Version / Range
nvidia gpu_display_driver From 595 (inc) to 595.71.05 (exc)
nvidia gpu_display_driver From 535 (inc) to 535.309.01 (exc)
nvidia gpu_display_driver From 580 (inc) to 580.159.03 (exc)
nvidia gpu_display_driver From 535 (inc) to 539.72 (exc)
nvidia gpu_display_driver From 580 (inc) to 582.53 (exc)
nvidia gpu_display_driver From 595 (inc) to 595.36 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-681 When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The provided information does not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

CVE-2026-24192 is a vulnerability in the NVIDIA Display Driver for Linux caused by an incorrect conversion between numeric types. This flaw leads to a heap buffer overflow, which occurs when more data is written to a buffer than it can hold.

An attacker exploiting this vulnerability could trigger various harmful effects including denial of service, escalation of privileges, information disclosure, data tampering, and even arbitrary code execution.

Impact Analysis

This vulnerability can have serious impacts including denial of service, where the system or application becomes unavailable.

It can also allow an attacker to escalate their privileges, gaining higher access rights than intended.

Additionally, it may lead to information disclosure, exposing sensitive data, data tampering which compromises data integrity, and execution of malicious code on the affected system.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-24192. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart