CVE-2026-24194
NVIDIA Linux Display Driver Kernel Mode Permission Handling Flaw
Publication date: 2026-05-26
Last updated on: 2026-05-26
Assigner: NVIDIA Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nvidia | display_driver | *-* |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-281 | The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-24194 is a vulnerability in the NVIDIA Display Driver for Linux, specifically in a kernel mode layer handler. The flaw involves improper permission handling, which means that the system does not correctly enforce access controls in this part of the driver.
A user could exploit this vulnerability to perform unauthorized actions by bypassing normal permission checks.
How can this vulnerability impact me? :
Exploiting this vulnerability could lead to several serious impacts including denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
- Denial of Service: The system or driver could be made unavailable or unstable.
- Escalation of Privileges: An attacker could gain higher-level access than intended.
- Information Disclosure: Sensitive information could be exposed to unauthorized users.
- Data Tampering: Data integrity could be compromised by unauthorized modifications.
- Code Execution: An attacker could run arbitrary code on the affected system.