GPU Rowhammer Exploit (GPUBreach) Enables Full System Takeover via GPU Memory Bit‑Flips
What Happened — Researchers disclosed a new attack, GPUBreach, that leverages RowHammer‑style bit‑flips in GDDR6 GPU memory to corrupt GPU page tables, obtain arbitrary GPU memory read/write, and chain the exploit into CPU‑level privilege escalation, yielding a root shell even when IOMMU is enabled.
Why It Matters for TPRM —
- The technique bypasses traditional hardware isolation, exposing any third‑party service that relies on GPU acceleration (AI/ML, rendering, crypto).
- Compromise can lead to theft of cryptographic keys, manipulation of ML models, and full system control, amplifying supply‑chain risk.
- Mitigations (ECC, firmware patches) are not universally deployed, leaving many vendors vulnerable.
Who Is Affected — Cloud providers, SaaS platforms, and enterprises that run GPU‑intensive workloads (AI/ML, scientific computing, video processing) across all verticals.
Recommended Actions —
- Inventory all third‑party services that expose GPU resources.
- Verify that GPU drivers are patched to the latest vendor releases and that firmware updates are applied.
- Enable ECC on GPU memory where possible and review IOMMU configuration.
- Incorporate GPU‑related attack vectors into threat‑modeling and penetration‑testing scopes.
Technical Notes — The exploit flips bits in GDDR6 memory, corrupts GPU page tables, and exploits a memory‑safety bug in the NVIDIA driver to gain arbitrary CPU memory access. No CVE has been assigned yet; the research demonstrates a practical, end‑to‑end privilege‑escalation chain. Source: Security Affairs