GPUBreach Attack Exploits GPU Rowhammer Vulnerability for System Takeover

Severity: High (Score: 64.5)

Sources: Bleepingcomputer, Securityaffairs.Co, Wccftech, Cybersecuritynews, Scworld

Summary

A new attack known as GPUBreach allows attackers to exploit Rowhammer bit-flips in GDDR6 memory to escalate privileges and potentially take full control of systems. Developed by researchers at the University of Toronto, GPUBreach can corrupt GPU page tables, granting arbitrary read/write access to an unprivileged CUDA kernel. This capability can be chained with memory-safety bugs in the NVIDIA driver to achieve CPU-side escalation, leading to complete system compromise without disabling IOMMU protection. The attack affects NVIDIA GPUs, including the RTX A6000, which is widely used in AI workloads. Although the researchers reported their findings to major tech companies, including NVIDIA, Google, and Microsoft, the attack remains unmitigated for consumer GPUs lacking ECC. The full details of the research will be presented at the IEEE Symposium on Security & Privacy on April 13, 2026. The implications of GPUBreach extend beyond data corruption, marking a significant escalation in GPU-related security threats. Key Points: • GPUBreach exploits Rowhammer vulnerabilities in GDDR6 memory for privilege escalation. • The attack can compromise systems without disabling IOMMU, making it a significant threat. • Affected systems include NVIDIA GPUs, particularly the RTX A6000, used in AI workloads.

Key Entities

• Zero-day Exploit (attack_type)
• T1059 - Command and Scripting Interpreter (mitre_attack)
• T1068 - Exploitation for Privilege Escalation (mitre_attack)
• Ampere Architecture (platform)
• Gddr6 (platform)
• Gddr6 Memory (platform)
• GDDR Memory (platform)
• Iommu (platform)
• CUDA (tool)
• GDDRHammer (tool)
• GeForge (tool)
• GPUBreach (tool)
• Rowhammer (vulnerability)