Description
NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service.
Published: 2026-05-26
Score: 4.7 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

NVIDIA Display Driver for Linux includes a kernel module that contains a race condition flaw. If an attacker can artificially reorder compiler or processor memory instructions, the module may become corrupted or enter an unstable state, which can cause the system to crash or become unresponsive. The impact is a denial of service to users of the affected NVIDIA hardware.

Affected Systems

The vulnerability affects NVIDIA GeForce, RTX, Quadro, NVS, Tesla, Guest driver, Virtual GPU Manager, and other NVIDIA guest driver components on Linux platforms. Exact version numbers are not specified in the available data, so any instance of the driver that contains the unpatched kernel module is potentially vulnerable.

Risk and Exploitability

The CVSS score is 4.7, indicating a moderate severity. No EPSS score is available, so the current likelihood of exploitation is unknown. The vulnerability is not listed in CISA’s KEV catalog. Based on the description, the attack vector is likely local or user‑initiated, as it requires a user to provoke a race condition by manipulating memory instruction ordering. No public exploit code has been reported, but the race condition could be leveraged by a privileged user or through a malicious application designed to trigger the condition. The risk remains medium to high if the driver is used in a security‑sensitive context, as it could lead to service interruption.

Generated by OpenCVE AI on May 26, 2026 at 19:27 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update to the latest NVIDIA Display Driver for Linux that addresses the race condition in the kernel module
  • If the driver is not required for a given system, disable the NVIDIA kernel module to prevent accidental service disruption
  • After applying the update or disabling the module, monitor system stability and reboot if any unexpected crashes occur

Generated by OpenCVE AI on May 26, 2026 at 19:27 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 27 May 2026 18:30:00 +0000

Type Values Removed Values Added
First Time appeared Nvidia gpu Display Driver
CPEs cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*
cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*
Vendors & Products Nvidia gpu Display Driver

Wed, 27 May 2026 10:30:00 +0000

Type Values Removed Values Added
First Time appeared Nvidia
Nvidia geforce
Nvidia guest Driver
Nvidia nvs
Nvidia quadro
Nvidia rtx
Nvidia tesla
Nvidia virtual Gpu Manager
Vendors & Products Nvidia
Nvidia geforce
Nvidia guest Driver
Nvidia nvs
Nvidia quadro
Nvidia rtx
Nvidia tesla
Nvidia virtual Gpu Manager

Tue, 26 May 2026 19:45:00 +0000

Type Values Removed Values Added
Title Race Condition in NVIDIA Linux Display Driver Kernel Module Leading to Denial of Service

Tue, 26 May 2026 19:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 26 May 2026 18:00:00 +0000

Type Values Removed Values Added
Description NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service.
Weaknesses CWE-362
References
Metrics cvssV3_1

{'score': 4.7, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Subscriptions

Nvidia Geforce Gpu Display Driver Guest Driver Nvs Quadro Rtx Tesla Virtual Gpu Manager
cve-icon MITRE

Status: PUBLISHED

Assigner: nvidia

Published:

Updated: 2026-05-27T15:45:30.532Z

Reserved: 2026-01-21T19:09:34.080Z

Link: CVE-2026-24199

cve-icon Vulnrichment

Updated: 2026-05-26T18:37:32.943Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-26T18:16:38.987

Modified: 2026-06-17T10:22:46.973

Link: CVE-2026-24199

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-27T10:08:59Z

Weaknesses
  • CWE-362

    Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')