"The Rowhammer technique, a hardware vulnerability known for more than a decade, works by repeatedly accessing a specific row of DRAM memory cells, generating electrical interference that causes bit flips in neighboring memory regions."
"The researchers demonstrated that GPU Rowhammer attacks can be used for more than just disruption, with their new attack, GPUBreach, allowing attackers to induce GDDR6 bit flips that corrupt GPU page tables."
"By combining GPUBreach with new memory-safety bugs in Nvidia drivers, the researchers showed that it can be used for CPU-side privilege escalation, ultimately achieving root shell privileges and full system compromise."
Researchers from the University of Toronto have identified a new Rowhammer attack called GPUBreach, which targets GDDR6 memory in GPUs. This attack can corrupt GPU page tables, allowing unauthorized read-write access to memory. By exploiting memory-safety bugs in Nvidia drivers, GPUBreach enables CPU-side privilege escalation, leading to root shell access and full system compromise. This vulnerability is particularly concerning in cloud environments where multiple users share GPUs, as it does not require physical access to the targeted system but does necessitate co-location with the victim.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]