New academic research has revealed a series of advanced RowHammer-based attacks targeting high-performance GPUs, demonstrating the potential for privilege escalation and even full system compromise. The attacks codenamed GPUBreach, GDDRHammer, and GeForge highlight a significant shift in how hardware-level vulnerabilities can be exploited beyond traditional CPU memory.
The most critical of these, GPUBreach, builds upon earlier work like GPUHammer and shows for the first time that bit-flips in GPU memory can do more than corrupt data they can enable attackers to gain deep system-level control. By exploiting GDDR6 memory, researchers demonstrated that an unprivileged process could manipulate GPU page tables to achieve arbitrary memory read/write access.
This access can then be chained into a broader attack by targeting vulnerabilities in NVIDIA drivers, ultimately allowing attackers to escalate privileges on the CPU and spawn a root shell. Notably, the attack works even when protections like the Input-Output Memory Management Unit (IOMMU) are enabled, bypassing a key security boundary designed to isolate memory access.
RowHammer attacks exploit electrical interference in Dynamic Random-Access Memory (DRAM), where repeated access to memory rows causes bit flips in adjacent rows. While mitigations such as Error-Correcting Code (ECC) and Target Row Refresh (TRR) exist, researchers found that these protections are not always sufficient especially against sophisticated, multi-bit flip techniques.
Earlier research introduced GPUHammer, which demonstrated how such attacks could degrade machine learning model accuracy by up to 80% on GPUs. However, GPUBreach significantly raises the stakes by enabling full privilege escalation and even access to sensitive assets such as cryptographic keys.
The newly disclosed techniques, including GDDRHammer and GeForge, also exploit GPU memory structures to gain unauthorized access to both GPU and CPU memory. While these attacks achieve similar outcomes, GPUBreach stands out for its ability to escalate privileges even with IOMMU protections enabled, making it particularly dangerous for cloud, AI, and multi-tenant environments.
Security experts warn that current mitigations remain limited. Enabling ECC may offer partial protection, but it is not foolproof especially in cases involving multiple bit flips. Additionally, many consumer-grade GPUs lack ECC support altogether, leaving systems exposed.
This research underscores a growing concern in cybersecurity: as GPUs become central to AI and high-performance computing, they are also emerging as a new attack surface. Organizations leveraging GPU infrastructure must now consider hardware-level threats alongside traditional software vulnerabilities to ensure comprehensive security.
Recommended Cyber Technology News :
- Invary Carahsoft Boost Government Defense Against AI Threats
- Naru Security and Viaweb Launch Zero Trust Hosting
- Rethinking Router Security in the Zero Trust Era
To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com
