CVE-2026-24195

CVE	CVE-2026-24195
State	PUBLISHED
Assigner	nvidia
Source Priority	CVE Program / NVD first with legacy fallback
Published	2026-05-26 18:16:38 UTC
Updated	2026-05-26 19:08:15 UTC
Description	NVIDIA Display Driver for Linux contains a vulnerability in UVM, where a user could cause improper input validation. A successful exploit of this vulnerability might lead to denial of service.

Primary CVSS: v3.1 7.1 HIGH from [email protected]

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS: 0.000130000 probability, percentile 0.022360000 (date 2026-05-31)

Problem Types: CWE-20 | CWE-20 CWE-20 Improper Input Validation

Version	Source	Type	Score	Severity	Vector
3.1	[email protected]	Secondary	7.1	HIGH	`CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H`
3.1	CNA	CVSS	7.1	HIGH	`CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H`

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

None

Availability

High

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Source	Vendor	Product	Version	Platforms
CNA	NVIDIA	Guest Driver	affected 595.58.03(All versions prior to and including vGPU 20.0)	Linux(R595 vGPU 20)
CNA	NVIDIA	Guest Driver	affected 580.126.09(All versions prior to and including vGPU 19.4)	Linux(R580 vGPU 19)
CNA	NVIDIA	Guest Driver	affected 595.58.03(All versions up to and including the March 2026 release)	Linux(Cloud Gaming)

Reference	Source	Link
nvidia.custhelp.com/app/answers/detail/a_id/5821	[email protected]	nvidia.custhelp.com
www.cve.org/CVERecord	[email protected]	www.cve.org
nvd.nist.gov/vuln/detail/CVE-2026-24195	[email protected]	nvd.nist.gov

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.