ACCORDING to Infosecurity Magazine, a new GPU-based Rowhammer attack called GPUBreach has been demonstrated by researchers at the University of Toronto, enabling privilege escalation to a full system compromise. The technique targets corrupting GPU page tables and uses Rowhammer-induced bit flips in GDDR6 memory to allow an unprivileged CUDA kernel to gain arbitrary read and write access to GPU memory.
This access can be leveraged to exploit memory-safety vulnerabilities in the NVIDIA driver, extending beyond the GPU to compromise CPU memory and achieve full system control, including spawning a root shell, even with the IOMMU enabled. The study, to be presented at the 47th IEEE Symposium on Security & Privacy in 2026, highlights a sequence that begins with memory corruption on modern graphics hardware and ends with cross-component compromise.
It emphasises that while error-correcting code memory can mitigate some bit errors, multiple flips can evade detection, underscoring the need for reassessment of defensive measures as GPUs remain central to HPC, AI and cryptographic operations. The researchers also note that sensitive GPU-stored data, including large language model weights, could be extracted under certain conditions.