CVE-2026-24198
Received
Received - Intake
Race Condition Memory Leak in NVIDIA GPU Display Driver for Linux
Publication date: 2026-05-26
Last updated on: 2026-05-26
Assigner: NVIDIA Corporation
Description
Description
NVIDIA GPU Display Driver for Linux contains a vulnerability where an advanced attacker could use a race condition to leak sensitive memory, which might cause limited exposure of sensitive information to an unauthorized actor. A successful exploit of this vulnerability might lead to denial of service, data tampering, and information disclosure.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nvidia | gpu_display_driver | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
A successful exploit of this vulnerability could result in several impacts:
- Denial of service, potentially disrupting normal operations.
- Data tampering, which could compromise the integrity of information.
- Information disclosure, leading to unauthorized exposure of sensitive data.
Can you explain this vulnerability to me?
This vulnerability exists in the NVIDIA GPU Display Driver for Linux and involves a race condition that an advanced attacker could exploit.
By exploiting this race condition, the attacker might be able to leak sensitive memory, which could lead to limited exposure of sensitive information to unauthorized users.
The vulnerability is classified under CWE-200, which means it involves exposure of sensitive information to an unauthorized actor.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70