Amazon Linux 2023 Security Advisory: ALAS2023NVIDIA-2026-289
Advisory Released Date: 2026-06-08
Advisory Updated Date: 2026-06-08
FAQs regarding Amazon Linux ALAS/CVE Severity
NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service. (CVE-2025-33221)
NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service. (CVE-2026-24182)
NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution. (CVE-2026-24187)
NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GPU resources. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution. (CVE-2026-24190)
NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution. (CVE-2026-24192)
NVIDIA Display Driver for Linux contains a vulnerability in a kernel mode layer handler, where a user could cause improper permission handling. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution. (CVE-2026-24194)
NVIDIA Display Driver for Linux contains a vulnerability in UVM, where a user could cause improper input validation. A successful exploit of this vulnerability might lead to denial of service. (CVE-2026-24195)
NVIDIA Display Driver for Linux contains a vulnerability where a user could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to denial of service and information disclosure. (CVE-2026-24196)
NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service. (CVE-2026-24197)
NVIDIA GPU Display Driver for Linux contains a vulnerability where an advanced attacker could use a race condition to leak sensitive memory, which might cause limited exposure of sensitive information to an unauthorized actor. A successful exploit of this vulnerability might lead to denial of service, data tampering, and information disclosure. (CVE-2026-24198)
NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service. (CVE-2026-24199)
Affected Packages:
nvidia-fabricmanager
Issue Correction:
Run dnf update nvidia-fabricmanager --releasever latest or dnf update --advisory ALAS2023NVIDIA-2026-289 --releasever latest to update your system.
More information on how to update your system can be found on this page: Amazon Linux 2023 documentation
x86_64:
nvidia-fabric-manager-devel-595.71.05-1.amzn2023.x86_64
nvidia-fabricmanager-595.71.05-1.amzn2023.x86_64