Introduction
A missing authorization check in the NVIDIA GPU Display Driver's kernel mode layer allows a local user to improperly access GPU resources, opening the door to privilege escalation, code execution, and data tampering on both Windows and Linux systems. Given that NVIDIA commands roughly 94% of the discrete GPU market, the blast radius of this vulnerability spans consumer gaming rigs, professional workstations, enterprise AI clusters, and cloud GPU instances alike.
Technical Information
CVE-2026-24190 resides in the kernel mode layer of the NVIDIA Display Driver for both Windows and Linux. The root cause is classified as CWE-862: Missing Authorization. In practical terms, the driver's code path for handling GPU resource access requests lacks sufficient authorization checks to verify whether the requesting user context is permitted to access the specific resources being requested.
Root Cause
When a user process communicates with the NVIDIA kernel driver to request GPU resources (memory regions, compute contexts, or other GPU objects), the driver is expected to validate that the caller has appropriate permissions. In vulnerable versions, this validation is either absent or incomplete. The result is that a local, unprivileged user can craft requests that the kernel mode layer processes without enforcing access controls, granting the attacker access to GPU resources that should be restricted.
Attack Flow
The attack is local in nature. An attacker who has obtained an unprivileged user account on a system running a vulnerable NVIDIA driver would follow a general exploitation path:
- The attacker identifies the installed NVIDIA driver version and confirms it falls within the vulnerable range.
- The attacker issues GPU resource access requests through the driver's user mode interface (such as IOCTL calls on Linux or equivalent mechanisms on Windows) targeting resources that belong to other processes, the kernel, or privileged GPU contexts.
- Because the kernel mode layer does not enforce proper authorization on these requests, the driver processes them and returns access to the requested GPU resources.
- Depending on the attacker's objective, this unauthorized access can be leveraged for:
- Denial of service: monopolizing or corrupting GPU resources to crash the driver or starve other processes.
- Information disclosure: reading GPU memory belonging to other users, processes, or the kernel itself.
- Data tampering: writing to GPU buffers or state without authorization.
- Privilege escalation and code execution: leveraging the kernel mode context in which the driver operates to escalate from user to kernel privileges.
Severity Context
The CVSS base score of 7.8 (High) was recorded in NVIDIA's May 2026 bulletin. The NVD entry was still marked as "Undergoing Enrichment" at the time of this analysis and had not yet published an independent NVD calculated CVSS vector.
The severity is amplified by the vulnerability's location in the kernel mode layer. GPU drivers operate at ring 0 on most systems, and any authorization bypass at this layer can translate a local user compromise into full system compromise. This is particularly concerning in:
- Multi tenant environments where multiple users share the same physical GPU hardware
- Shared workstations where untrusted users may have local accounts
- Cloud GPU instances (vGPU deployments) where tenant isolation depends on the driver's access controls
Patch Information
NVIDIA has officially patched CVE-2026-24190 as part of its May 2026 GPU Display Driver Security Bulletin (ID 5821), initially released on May 19, 2026 and revised through May 21, 2026. The fix introduces proper authorization enforcement in the kernel mode layer's GPU resource access paths, ensuring that requests are validated before resources are handed off. The patch is delivered through updated driver binaries. There is no separate hotfix or source level commit to reference, as NVIDIA's GPU drivers are proprietary.
Patched Windows Driver Versions
| Driver Branch | Minimum Patched Version |
|---|---|
| R595 | 596.36 |
| R580 | 582.53 |
| R535 | 539.72 |
NVIDIA also notes that OEM distributed Windows driver versions 595.95, 592.13, 582.42, and 539.69 contain the equivalent security fixes. The R590 branch on Windows is also explicitly listed as addressing CVE-2026-24190.
Patched Linux Driver Versions
| Driver Branch | Minimum Patched Version |
|---|---|
| R595 | 595.71.05 |
| R580 | 580.159.03 |
| R535 | 535.309.01 |
Affected Product Families
All major NVIDIA product families receive the fix: GeForce, NVIDIA RTX / Quadro / NVS, and Tesla cards across both platforms. Additionally, vGPU software guest drivers and Cloud Gaming guest drivers on Linux include this fix in their corresponding updated releases (vGPU 20.1 / 19.5 / 16.14 and the April 2026 Cloud Gaming release).
Bulletin Revision Notes
The initial release on May 19 contained errors, including an incorrect R570 branch mention for Linux GeForce and swapped R590/R595 labeling. Revision 2.0 on May 20 corrected these to reflect the R535/R595 branches and their proper driver versions. Revision 3.0 on May 21 further corrected vGPU and Windows updated version entries. Organizations tracking the bulletin should confirm they are referencing the latest revision.
Discovery Credit
The vulnerability was credited to Sihyun Roh and Byoungyoung Lee from Compsec, Seoul National University (SNU).
Obtaining the Patch
Consumer users can obtain the patched drivers via the NVIDIA Driver Downloads page. Enterprise vGPU and Cloud Gaming customers must retrieve updates through the NVIDIA Licensing Portal. Tenable published corresponding Nessus detection plugins (ID 316513 for Windows, ID 316514 for Linux) on May 22, 2026, enabling automated verification that the patched driver version is deployed.
Interim Mitigations
For environments where immediate patching is not feasible: minimize local user access on affected hosts, restrict the ability of unprivileged users to interact with GPU devices, and monitor for anomalous GPU driver crashes or unexpected GPU activity consistent with denial of service or unauthorized access attempts.
Affected Systems and Versions
The vulnerability affects NVIDIA Display Drivers for both Windows and Linux across the following driver branches and product families:
Windows (vulnerable versions prior to):
- R595 branch: versions before 596.36
- R590 branch: consult the May 2026 bulletin for the specific fixed version in this branch family
- R580 branch: versions before 582.53
- R535 branch: versions before 539.72
Linux (vulnerable versions prior to):
- R595 branch: versions before 595.71.05
- R580 branch: versions before 580.159.03
- R535 branch: versions before 535.309.01
Affected product families:
- NVIDIA GeForce (consumer)
- NVIDIA RTX / Quadro / NVS (professional)
- NVIDIA Tesla (data center)
- vGPU software guest drivers (versions prior to vGPU 20.1, 19.5, and 16.14)
- Cloud Gaming guest drivers on Linux (versions prior to the April 2026 Cloud Gaming release)
Vendor Security History
NVIDIA maintains a dedicated Product Security Incident Response Team (PSIRT) and publishes vulnerability handling policies through its PSIRT Policies page. The company has a consistent track record of issuing quarterly GPU Display Driver security bulletins. Recent examples include the October 2025, January 2026, and May 2026 bulletins, each enumerating multiple CVEs with corresponding fixed versions for Windows and Linux drivers. This cadence of recurring bulletins indicates a mature disclosure and patching process, and organizations can align their endpoint management workflows with these predictable release cycles.
References
- NVD: CVE-2026-24190
- CVE Record: CVE-2026-24190
- NVIDIA Security Bulletin: GPU Display Drivers, May 2026
- NVIDIA PSIRT Policies
- Tenable Nessus Plugin 316513 (Windows)
- Tenable Nessus Plugin 316514 (Linux)
- NVIDIA Security Bulletin: GPU Display Drivers, January 2026
- Gaming On Linux: NVIDIA Reveal More GPU Driver Security Flaws for May 2026
- CISA Known Exploited Vulnerabilities Catalog
- TechPowerUp: NVIDIA Discrete GPU Market Share Dominance Expands to 94%



