CVE-2026-24198

Public on 2026-05-26
Modified on 2026-05-29
Description
NVIDIA GPU Display Driver for Linux contains a vulnerability where an advanced attacker could use a race condition to leak sensitive memory, which might cause limited exposure of sensitive information to an unauthorized actor. A successful exploit of this vulnerability might lead to denial of service, data tampering, and information disclosure.
Severity
Medium severity
Medium
See what this means
CVSS v3 Base Score
5.6
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 2023 cuda-compat 2026-06-08 ALAS2023NVIDIA-2026-296 Fixed
Amazon Linux 2023 cuda-drivers 2026-06-08 ALAS2023NVIDIA-2026-295 Fixed
Amazon Linux 2023 kmod-nvidia-latest-dkms 2026-06-08 ALAS2023NVIDIA-2026-294 Fixed
Amazon Linux 2023 kmod-nvidia-open-dkms 2026-06-08 ALAS2023NVIDIA-2026-293 Fixed
Amazon Linux 2023 libnvidia-nscq 2026-06-08 ALAS2023NVIDIA-2026-291 Fixed
Amazon Linux 2023 libnvsdm 2026-06-08 ALAS2023NVIDIA-2026-290 Fixed
Amazon Linux 2023 nvidia-driver 2026-06-08 ALAS2023NVIDIA-2026-292 Fixed
Amazon Linux 2023 nvidia-fabricmanager 2026-06-08 ALAS2023NVIDIA-2026-289 Fixed
Amazon Linux 2023 nvidia-imex 2026-06-08 ALAS2023NVIDIA-2026-288 Fixed
Amazon Linux 2023 nvidia-kmod-common 2026-06-08 ALAS2023NVIDIA-2026-287 Fixed
Amazon Linux 2023 nvidia-modprobe 2026-06-08 ALAS2023NVIDIA-2026-285 Fixed
Amazon Linux 2023 nvidia-open 2026-06-08 ALAS2023NVIDIA-2026-284 Fixed
Amazon Linux 2023 nvidia-persistenced 2026-06-08 ALAS2023NVIDIA-2026-283 Fixed
Amazon Linux 2023 nvidia-settings 2026-06-08 ALAS2023NVIDIA-2026-286 Fixed
Amazon Linux 2023 nvidia-xconfig 2026-06-08 ALAS2023NVIDIA-2026-282 Fixed
Amazon Linux 2023 nvlink5 2026-06-08 ALAS2023NVIDIA-2026-281 Fixed
Amazon Linux 2023 nvlink5-580 2026-06-08 ALAS2023NVIDIA-2026-280 Fixed

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H

References

FAQs regarding Amazon Linux ALAS/CVE Severity Red Hat: CVE-2026-24198 Mitre: CVE-2026-24198