Ethical Hacking News
A new attack vector known as GPUBreach has been discovered, enabling full CPU privilege escalation via GDDR6 bit-flips. This vulnerability targets NVIDIA GPUs and could potentially be exploited by malicious actors to gain unauthorized access to sensitive data. Organizations must take immediate action to protect themselves from potential exploitation.
Researchers at the University of Toronto have discovered a new attack vector called GPUBreach that enables full CPU privilege escalation via GDDR6 bit-flips. The attack targets NVIDIA GPUs with GDDR6 memory and allows attackers to corrupt GPU page tables, inducing arbitrary GPU memory read/write capabilities. The GPUBreach attack can lead to full system compromise and privilege escalation without disabling IOMMU, making it a significant threat to cloud AI infrastructure, multi-tenant GPU deployments, and HPC environments. Existing mitigations such as Error-Correcting Code (ECC) may not be sufficient to prevent GPUBreach attacks, especially if attack patterns induce more than two bit flips. Organizations are advised to take immediate action to protect themselves from potential exploitation and consider enabling ECC on the GPU as a temporary mitigation measure.
Threat Intelligence News Platform The Hacker News (THN) is pleased to bring to you a comprehensive exposé on the latest vulnerability that has shaken the very foundations of the cybersecurity community. In a shocking revelation, researchers at the University of Toronto have successfully demonstrated a new attack vector known as GPUBreach, which enables full CPU privilege escalation via GDDR6 bit-flips.
This groundbreaking discovery is the culmination of extensive research into the notorious RowHammer attacks, which were initially introduced in 2008 and primarily targeted Dynamic Random-Access Memory (DRAM) systems. Over the years, researchers have been working tirelessly to identify potential vulnerabilities that could be exploited by malicious actors to gain unauthorized access to sensitive data.
The GPUBreach attack takes advantage of a previously unknown vulnerability in NVIDIA GPUs, specifically those utilizing GDDR6 memory. This exploit allows an attacker to corrupt GPU page tables via RowHammer bit-flips, thereby inducing arbitrary GPU memory read/write capabilities. Furthermore, the compromised GPU can issue DMA (Direct Memory Access) requests into a region of CPU memory that is permitted by the IOMMU (Input/Output Memory Management Unit), leading to full system compromise and privilege escalation.
The researchers behind this discovery have also developed additional techniques dubbed GDDRHammer and GeForge, which also exploit RowHammer bit-flips to gain arbitrary read/write access to GPU memory. However, what sets GPUBreach apart is its ability to achieve full CPU privilege escalation without the need to disable IOMMU, a crucial hardware component that ensures memory security by preventing Direct Memory Access (DMA) attacks and isolating each peripheral to its own memory space.
The implications of this discovery are far-reaching, with cloud AI infrastructure, multi-tenant GPU deployments, and HPC environments being particularly vulnerable to these attacks. In fact, the researchers have demonstrated that GPUBreach can not only compromise data integrity but also leak secret cryptographic keys from NVIDIA's cuPQC (Cryptographic User Program for Quantum Computing).
In a statement, Gururaj Saileshwar, one of the authors of the study and Assistant Professor at the University of Toronto, emphasized the significance of this discovery. "By corrupting GPU page tables via GDDR6 bit-flips, an unprivileged process can gain arbitrary GPU memory read/write, and then chain that into full CPU privilege escalation — spawning a root shell — by exploiting memory-safety bugs in the NVIDIA driver," Saileshwar noted.
The researchers have also noted that existing mitigations such as Error-Correcting Code (ECC) may not be sufficient to prevent these attacks. "However, if attack patterns induce more than two bit flips (shown feasible on DDR4 and DDR5 systems), existing ECC cannot correct these and may even cause silent data corruption; so ECC is not a foolproof mitigation against GPUBreach," the researchers stated.
In light of this discovery, it is essential for organizations to take immediate action to protect themselves from potential exploitation. One temporary mitigation that can be employed is to enable ECC on the GPU. Nevertheless, as the researchers have highlighted, relying solely on ECC may not provide adequate protection against these sophisticated attacks.
The emergence of GPUBreach serves as a stark reminder of the ongoing cat-and-mouse game between cybersecurity professionals and malicious actors. As technology continues to advance at an unprecedented rate, it is crucial for organizations to stay vigilant and proactive in addressing emerging vulnerabilities.
In conclusion, the discovery of GPUBreach highlights the critical need for robust security measures that can effectively mitigate against these types of attacks. By staying informed about the latest developments in the cybersecurity landscape, organizations can better equip themselves to protect their sensitive data and prevent potential breaches.
Related Information:
https://www.ethicalhackingnews.com/articles/New-GPUBreach-Attack-Enables-Full-CPU-Privilege-Escalation-via-GDDR6-Bit-Flips-A-Deep-Dive-into-the-Latest-GPU-Vulnerability-ehn.shtml
https://thehackernews.com/2026/04/new-gpubreach-attack-enables-full-cpu.html
https://videocardz.com/newz/gpubreach-is-the-third-gpu-rowhammer-attack-and-it-can-bypass-iommu
https://en.wikipedia.org/wiki/Row_hammer
https://pmc.ncbi.nlm.nih.gov/articles/PMC10819648/
Published: Tue Apr 7 05:48:36 2026 by llama3.2 3B Q4_K_M
