CVE-2026-24197

Public on 2026-05-26
Modified on 2026-05-29
Description
NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service.
Severity
Medium severity
Medium
See what this means
CVSS v3 Base Score
5.5
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 2023 cuda-compat 2026-06-08 ALAS2023NVIDIA-2026-296 Fixed
Amazon Linux 2023 cuda-drivers 2026-06-08 ALAS2023NVIDIA-2026-295 Fixed
Amazon Linux 2023 kmod-nvidia-latest-dkms 2026-06-08 ALAS2023NVIDIA-2026-294 Fixed
Amazon Linux 2023 kmod-nvidia-open-dkms 2026-06-08 ALAS2023NVIDIA-2026-293 Fixed
Amazon Linux 2023 libnvidia-nscq 2026-06-08 ALAS2023NVIDIA-2026-291 Fixed
Amazon Linux 2023 libnvsdm 2026-06-08 ALAS2023NVIDIA-2026-290 Fixed
Amazon Linux 2023 nvidia-driver 2026-06-08 ALAS2023NVIDIA-2026-292 Fixed
Amazon Linux 2023 nvidia-fabricmanager 2026-06-08 ALAS2023NVIDIA-2026-289 Fixed
Amazon Linux 2023 nvidia-imex 2026-06-08 ALAS2023NVIDIA-2026-288 Fixed
Amazon Linux 2023 nvidia-kmod-common 2026-06-08 ALAS2023NVIDIA-2026-287 Fixed
Amazon Linux 2023 nvidia-modprobe 2026-06-08 ALAS2023NVIDIA-2026-285 Fixed
Amazon Linux 2023 nvidia-open 2026-06-08 ALAS2023NVIDIA-2026-284 Fixed
Amazon Linux 2023 nvidia-persistenced 2026-06-08 ALAS2023NVIDIA-2026-283 Fixed
Amazon Linux 2023 nvidia-settings 2026-06-08 ALAS2023NVIDIA-2026-286 Fixed
Amazon Linux 2023 nvidia-xconfig 2026-06-08 ALAS2023NVIDIA-2026-282 Fixed
Amazon Linux 2023 nvlink5 2026-06-08 ALAS2023NVIDIA-2026-281 Fixed
Amazon Linux 2023 nvlink5-580 2026-06-08 ALAS2023NVIDIA-2026-280 Fixed

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

FAQs regarding Amazon Linux ALAS/CVE Severity Red Hat: CVE-2026-24197 Mitre: CVE-2026-24197