Researchers reveal GPUBreach, a new GPU Rowhammer attack that can escalate privileges and gain full CPU control on vulnerable systems.
Security researchers have uncovered a new hardware attack technique called GPUBreach that could allow attackers to gain full control of a computer by exploiting vulnerabilities in GPU memory.
The attack builds on the long-known Rowhammer vulnerability, a hardware flaw where repeatedly accessing specific memory rows can cause electrical interference that flips bits in nearby memory cells. These bit flips can corrupt data structures and potentially bypass security protections.
In the case of GPUBreach, researchers demonstrated that Rowhammer attacks targeting GDDR6 memory in GPUs can corrupt GPU page tables, allowing an unprivileged process to gain arbitrary read and write access to GPU memory.
Once that access is obtained, attackers can escalate the attack further. By manipulating trusted driver memory buffers, the compromised GPU can trigger memory-safety flaws in the system’s NVIDIA driver, ultimately allowing the attacker to gain CPU-level privileges and spawn a root shell.
The research shows that this technique can even bypass protections provided by the Input-Output Memory Management Unit (IOMMU), a hardware mechanism designed to prevent peripheral devices like GPUs from accessing sensitive areas of system memory.
GPUBreach is part of a broader set of GPU-based Rowhammer attacks that includes GDDRHammer and GeForge, which also manipulate GPU memory structures to gain access to system memory. However, GPUBreach is considered more dangerous because it can lead directly to full CPU privilege escalation and complete system compromise.
Researchers warn that the vulnerability could pose serious risks for cloud computing environments, AI infrastructure, and shared GPU systems, where multiple users run workloads on the same hardware.
While enabling error-correcting code (ECC) memory may help reduce the risk of Rowhammer attacks, researchers note that such protections are not always available on consumer GPUs and can sometimes be bypassed under certain conditions.
Currently, there is no evidence that the attack is being actively exploited, but the findings highlight growing concerns about hardware-level vulnerabilities in modern high-performance computing systems.
Reports are sourced from official documents, law-enforcement updates, and credible investigations.
Discover additional reports, market trends, crime analysis and Harm Reduction articles on DarkDotWeb to stay informed about the latest dark web operations.
