UAF in NVIDIA Linux Display Driver Enables Privilege Escalation
CVE-2026-24187 Published on May 26, 2026

NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.

NVD

Vulnerability Analysis

CVE-2026-24187 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:

LOCAL

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

CHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

What is a Dangling pointer Vulnerability?

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

CVE-2026-24187 has been classified to as a Dangling pointer vulnerability or weakness.

Products Associated with CVE-2026-24187

Want to know whenever a new CVE is published for NVIDIA products? stack.watch will email you.

NVIDIA Geforce

NVIDIA Tesla

NVIDIA Virtual Gpu Manager

Affected Versions

NVIDIA GeForce:

Version All driver versions prior to 595.71.05 is affected.

NVIDIA GeForce:

Version All driver versions prior to 580.159.03 is affected.

NVIDIA GeForce:

Version All driver versions prior to 535.309.01 is affected.

NVIDIA RTX, Quadro, NVS:

Version All driver versions prior to 595.71.05 is affected.

NVIDIA RTX, Quadro, NVS:

Version All driver versions prior to 580.159.03 is affected.

NVIDIA RTX, Quadro, NVS:

Version All driver versions prior to 535.309.01 is affected.

NVIDIA Tesla:

Version All driver versions prior to 595.71.05 is affected.

NVIDIA Tesla:

Version All driver versions prior to 580.159.03 is affected.

NVIDIA Tesla:

Version All driver versions prior to 535.309.01 is affected.

NVIDIA Guest driver:

Version 595.58.03(All versions prior to and including vGPU 20.0) is affected.

NVIDIA Guest driver:

Version 580.126.09(All versions prior to and including vGPU 19.4) is affected.

NVIDIA Guest driver:

Version 535.288.01(All versions prior to and including vGPU 16.13) is affected.

NVIDIA Guest driver:

Version 595.58.03(All versions up to and including the March 2026 release) is affected.

NVIDIA Virtual GPU Manager:

Version 595.58.02(All versions up to and including the March 2026 release) is affected.

NVIDIA Virtual GPU Manager:

Version 595.58.02(All versions prior to and including vGPU 20.0) is affected.

NVIDIA Virtual GPU Manager:

Version 580.126.08(All versions prior to and including vGPU 19.4) is affected.

NVIDIA Virtual GPU Manager:

Version 535.288.01(All versions prior to and including vGPU 16.13) is affected.

Exploit Probability

EPSS

0.01%

Percentile

1.50%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

UAF in NVIDIA Linux Display Driver Enables Privilege EscalationCVE-2026-24187 Published on May 26, 2026

Vulnerability Analysis

Weakness Type

What is a Dangling pointer Vulnerability?

Products Associated with CVE-2026-24187

Affected Versions

Exploit Probability

UAF in NVIDIA Linux Display Driver Enables Privilege Escalation
CVE-2026-24187 Published on May 26, 2026