目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1310

100%
请我们喝杯咖啡

CVE-2026-24191— NVIDIA Windows显示驱动特权提升漏洞

CVSS 7.8 · High EPSS 0.01% · P1

可能的 ATT&CK 技术 1AI

T1200 · Hardware Additions

影响版本矩阵 13

厂商产品版本范围状态
NVIDIAGeForceAll driver versions prior to 596.36affected
All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU arcaffected
NVIDIAGuest driver595.97(All versions prior to and including vGPU 20.0)affected
582.16(All versions prior to and including vGPU 19.4)affected
539.64(All versions prior to and including vGPU 16.13)affected
NVIDIANVIDIA RTX, Quadro, NVSAll driver versions prior to 596.36affected
All driver versions prior to 582.53affected
All driver versions prior to 539.72affected
NVIDIATeslaAll driver versions prior to 596.36affected
All driver versions prior to 582.53affected
All driver versions prior to 539.72affected
NVIDIAVirtual GPU Manager595.94(All versions prior to and including vGPU 20.0)affected
582.16(All versions prior to and including vGPU 19.4)affected
获取后续新漏洞提醒登录后订阅

一、 漏洞 CVE-2026-24191 基础信息

漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
来源: 美国国家漏洞数据库 NVD
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
检查时间与使用时间(TOCTOU)的竞争条件
来源: 美国国家漏洞数据库 NVD

受影响产品

厂商产品影响版本CPE订阅
NVIDIAGeForce All driver versions prior to 596.36 -
NVIDIAGeForce All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected. -
NVIDIANVIDIA RTX, Quadro, NVS All driver versions prior to 596.36 -
NVIDIANVIDIA RTX, Quadro, NVS All driver versions prior to 582.53 -
NVIDIANVIDIA RTX, Quadro, NVS All driver versions prior to 539.72 -
NVIDIATesla All driver versions prior to 596.36 -
NVIDIATesla All driver versions prior to 582.53 -
NVIDIATesla All driver versions prior to 539.72 -
NVIDIAGuest driver 595.97(All versions prior to and including vGPU 20.0) -
NVIDIAGuest driver 582.16(All versions prior to and including vGPU 19.4) -
NVIDIAGuest driver 539.64(All versions prior to and including vGPU 16.13) -
NVIDIAVirtual GPU Manager 595.94(All versions prior to and including vGPU 20.0) -
NVIDIAVirtual GPU Manager 582.16(All versions prior to and including vGPU 19.4) -

二、漏洞 CVE-2026-24191 的公开POC

#POC 描述源链接神龙链接
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2026-24191 的情报信息

登录查看更多情报信息。

CVE-2026-24191 厂商安全公告 (1)

CVE-2026-24191 其他参考 (1)

同批安全公告 · NVIDIA · 2026-05-26 · 共 17 条

CVE-2026-241878.8 HIGHNVIDIA Linux驱动越权执行漏洞
CVE-2026-241947.8 HIGHNVIDIA Linux显卡驱动内核权限提升及执行漏洞
CVE-2026-241907.8 HIGHNVIDIA Display Driver权限提升漏洞
CVE-2026-241937.8 HIGHNVIDIA Display Driver漏洞致越界写入
CVE-2026-241927.8 HIGHNVIDIA Linux显示驱动堆缓冲区溢出漏洞
CVE-2026-241627.8 HIGHNVIDIA Transformers4Rec 反序列化漏洞
CVE-2026-242127.5 HIGHNVIDIA Isaac Launchable for Linux明文传输漏洞
CVE-2026-241967.1 HIGHLinux显示驱动存在越界读取漏洞
CVE-2026-241957.1 HIGHNVIDIA Display Driver Linux UVM输入验证漏洞导致拒绝服务
CVE-2026-242007.0 HIGHNVIDIA vGPU use-after-free漏洞
CVE-2026-241976.5 MEDIUMNVIDIA Linux显示驱动MIG内存子系统漏洞
CVE-2026-241826.5 MEDIUMNVIDIA显卡驱动拒绝服务漏洞
CVE-2026-242015.8 MEDIUMNVIDIA vGPU越界访问致数据篡改
CVE-2026-241985.6 MEDIUMNVIDIA GPU Display Driver for Linux Race Condition 漏洞
CVE-2026-241994.7 MEDIUMNVIDIA Linux驱动内核模块竞态条件致拒绝服务
CVE-2025-332214.4 MEDIUMNVIDIA Display Driver 权限分配漏洞

IV. Related Vulnerabilities

Same product: GeForce
Same vendor: NVIDIA
Same weakness: CWE-367

V. Comments for CVE-2026-24191

暂无评论

发表评论