7.8

CVE-2026-24192

NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NvidiaGpu Display Driver SwPlatformlinux Version >= 535 < 535.309.01
NvidiaGpu Display Driver SwPlatformwindows Version >= 535 < 539.72
NvidiaGpu Display Driver SwPlatformlinux Version >= 580 < 580.159.03
NvidiaGpu Display Driver SwPlatformwindows Version >= 580 < 582.53
NvidiaGpu Display Driver SwPlatformwindows Version >= 595 < 595.36
NvidiaGpu Display Driver SwPlatformlinux Version >= 595 < 595.71.05
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.21% 0.105
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
psirt@nvidia.com 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-681 Incorrect Conversion between Numeric Types

When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.

https://nvidia.custhelp.com/app/answers/detail/a_id/5821
Vendor Advisory
https://nvd.nist.gov/vuln/detail/CVE-2026-24192
Third Party Advisory
https://www.cve.org/CVERecord?id=CVE-2026-24192
Third Party Advisory