Use Reddit? Come join our Reddit Sub as another place to follow the community!
We use affiliate links to earn us some pennies. Learn more.

NVIDIA reveal more GPU driver security flaws for May 2026

By - [updated]
10 comments

Last updated: 20 May 2026 at 7:52 pm UTC

Update 20/05/26 19:52 UTC - we contacted NVIDIA about an issue with some wrong driver versions noted in the bulletin, and should now have the correct details listed in the table. They mentioned the 570 driver series is on "end-of-life status", so make sure you're up to date as it's not included in the fixes.

Do you have an NVIDIA GPU? You should probably ensure you're on updated drivers, as we have another wave of security issues that have been revealed today. Not just 1 or 2 either, there's 12 that affect Linux and a few that also affect Windows here.

To ensure that your Linux system is secure you need to ensure you've updated your Linux GPU driver recently, and that will depend on what GPU model you have and what driver series you're sticking with. NVIDIA provided details on what's good:

Software Product Driver Branch Affected Driver Versions Updated Driver Version
GeForce R590 All driver versions prior to 590.48.01 590.48.01
R580 All driver versions prior to 580.126.09 580.126.09
R535 All driver versions prior to 535.309.01 535.309.01
NVIDIA RTX, Quadro, NVS R595 All driver versions prior to 595.71.05 595.71.05
R580 All driver versions prior to 580.159.03 580.159.03
R535 All driver versions prior to 535.309.01 535.309.01

These are the issues that affected Linux desktop / laptops etc:

CVE ID Description Base Score Severity Impacts
CVE-2026-24187 NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution. 8.8 High Denial of service, escalation of privileges, information disclosure, data tampering, code execution
CVE-2026-24190 NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GPU resources. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution. 7.8 High Denial of service, escalation of privileges, information disclosure, data tampering, code execution
CVE-2026-24191 NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution 7.8 High Denial of service, escalation of privileges, information disclosure, data tampering, code execution
CVE-2026-24192 NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution. 7.8 High Denial of service, escalation of privileges, information disclosure, data tampering, code execution
CVE-2026-24193 NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution. 7.8 High Denial of service, escalation of privileges, information disclosure, data tampering, code execution
CVE-2026-24194 NVIDIA Display Driver for Linux contains a vulnerability in Unified Virtual Memory (UVM), where a user could cause improper input validation. A successful exploit of this vulnerability might lead to denial of service. 7.1 High Denial of service, escalation of privileges, information disclosure, data tampering, code execution
CVE-2026-24195 NVIDIA Display Driver for Linux contains a vulnerability in Unified Virtual Memory (UVM), where a user could cause improper input validation. A successful exploit of this vulnerability might lead to denial of service. 7.1 High Denial of service
CVE-2026-24196 NVIDIA Display Driver for Linux contains a vulnerability where a user could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to denial of service and information disclosure. 7.1 High Denial of service, information disclosure
CVE-2026-24182 NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service. 6.5 Medium Denial of service
CVE-2026-24197 NVIDIA Display Driver for Linux contains a vulnerability in Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service. 6.5 Medium Denial of service
CVE-2026-24198 NVIDIA GPU Display Driver for Linux contains a vulnerability where an advanced attacker could use a race condition to leak sensitive memory, which might cause limited exposure of sensitive information to an unauthorized actor. A successful exploit of this vulnerability might lead to denial of service, data tampering, and information disclosure. 5.6 Medium Denial of service, data tampering, information disclosure
CVE-2026-24199 NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service. 4.7 Medium Denial of service
CVE-2025-33221 NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service. 4.4 Medium Data tampering, denial of service

Source: NVIDIA

The last security bulletin before this was back in January, and then October 2025 before that. You'll have to check with your Linux distribution for when they decide to provide NVIDIA driver updates as each distro does it differently.

Article taken from GamingOnLinux.com.
Tags: Security, Drivers, Misc, NVIDIA
5 Likes
About the author -
author picture
I am the owner of GamingOnLinux. After discovering Linux back in the days of Mandrake in 2003, I constantly checked on the progress of Linux until Ubuntu appeared on the scene and it helped me to really love it. You can reach me easily by emailing GamingOnLinux directly. You can follow me personally on Mastodon [External Link].
See more from me
Some you may have missed, popular articles from the last month:
Wine 11.8 brings updates for Mono, MSXML, VBScript and more
Toei Company established Toei Games and revealed the first titles
Alabaster Dawn from the developers of the excellent CrossCode is now in Early Access
I'm going to spend far too much time playing Orc Incremental
All posts need to follow our rules. Please hit the Report Flag icon on any post that breaks the rules or contains illegal / harmful content. Readers can also email us for any issues or concerns.
10 comments

Pikolo a day ago
User Avatar
These are relatively old versions, seems like the disclosure NDA time extended beyond the driver release date. I'm on 580.142 and Kubuntu 24.04 is not the most bleeding edge distro
Caldathras a day ago
User Avatar
Nvidia just released 580.159.04 today.
Linas a day ago
User Avatar
Wait, how should I interpret this? The driver branch is R570, but the fixed driver is 535? There is no fixed 570 driver?
CatKiller a day ago
User Avatar
Quoting: LinasWait, how should I interpret this? The driver branch is R570, but the fixed driver is 535? There is no fixed 570 driver?
I'm pretty sure Nvidia just messed up their table for their press release. From the context of the rest of the table, I expect that 570.211.01 is the version that fixes the 570 branch.
Liam Squires-Hand 14 hours ago
User Avatar
Quoting: CatKiller
Quoting: LinasWait, how should I interpret this? The driver branch is R570, but the fixed driver is 535? There is no fixed 570 driver?
I'm pretty sure Nvidia just messed up their table for their press release. From the context of the rest of the table, I expect that 570.211.01 is the version that fixes the 570 branch.
Good catch, I've updated it and let NVIDIA know.
Phlebiac 14 hours ago
User Avatar
Quoting: Liam Squires-Hand
Quoting: CatKiller
Quoting: LinasWait, how should I interpret this? The driver branch is R570, but the fixed driver is 535? There is no fixed 570 driver?
I'm pretty sure Nvidia just messed up their table for their press release. From the context of the rest of the table, I expect that 570.211.01 is the version that fixes the 570 branch.
Good catch, I've updated it and let NVIDIA know.
R570 in the second list is also botched.
Liam Squires-Hand 14 hours ago
User Avatar
Quoting: Phlebiac
Quoting: Liam Squires-Hand
Quoting: CatKiller
Quoting: LinasWait, how should I interpret this? The driver branch is R570, but the fixed driver is 535? There is no fixed 570 driver?
I'm pretty sure Nvidia just messed up their table for their press release. From the context of the rest of the table, I expect that 570.211.01 is the version that fixes the 570 branch.
Good catch, I've updated it and let NVIDIA know.
R570 in the second list is also botched.
Sigh, I'll let NVIDIA know about that too...
danniello 10 hours ago
User Avatar
What you people do not understand? nVidia versioning is so easy. Example:

* 570.673.56.01 stable
* 570.577.66.02 beta
* 570.773.661.1 gamma

Off course the newest version in this example is "570.577.66.02", because the third of second number is written in capital letters.
Kimyrielle 6 hours ago
User Avatar
At least they fixed the missing i386 packages when updating the repo. My old games work again on 595.
Liam Squires-Hand 1 hour ago
User Avatar
Article updated after speaking with NVIDIA. The 570 series is "end-of-life status" and was not updated for this security issue, and has been removed from the list. Make sure you using one of the updated series noted in the article.
While you're here, please consider supporting GamingOnLinux on:

Reward Tiers: Patreon Logo Patreon. Plain Donations: PayPal Logo PayPal.

This ensures all of our main content remains totally free for everyone! Patreon supporters can also remove all adverts and sponsors! Supporting us helps bring good, fresh content. Without your continued support, we simply could not continue!

You can find even more ways to support us on this dedicated page any time. If you already are, thank you!
Login / Register
Register Forgot Login?
★ Support Us
Popular this week
Search or view by category
Contact
Latest Guides
MorrowindHow to setup OpenMW for modern Morrowind on Linux / SteamOS and Steam Deck
By Liam Squires-Hand,
11
Hollow Knight: SilksongHow to install Hollow Knight: Silksong mods on Linux, SteamOS and Steam Deck
By Liam Squires-Hand,
1
> View more Tips & Guides
Recently Updated
Buy Games
Buy games with our affiliate / partner links:
Latest Forum Posts
Misc