Three Rowhammer attacks targeting GDDR6 | Kaspersky official blog
Three new research papers describe theoretical Rowhammer attacks targeting GDDR6 video memory in GPUs, named GDDRHammer, GeForge, and GPUBreach. These attacks exploit physical memory vulnerabilities to manipulate GPU page tables, potentially allowing an attacker to access or modify GPU and system memory. GPUBreach can bypass IOMMU protections by exploiting NVIDIA driver bugs. While these attacks demonstrate significant security implications for GPU-accelerated AI and cloud infrastructure, they require highly sophisticated, targeted efforts and specific hardware profiling. ECC memory and IOMMU can mitigate some attacks, but GPUBreach shows these protections can be circumvented. No known exploits in the wild or patches are currently reported.
AI Analysis
Technical Summary
The three studies—GDDRHammer, GeForge, and GPUBreach—describe advanced Rowhammer-style attacks on GDDR6 memory used in GPUs. Rowhammer exploits physical properties of densely packed memory cells to induce bit flips in adjacent cells by repeated access. These attacks manipulate GPU page tables to gain arbitrary read/write access to GPU and system RAM. GDDRHammer and GeForge bypass Target Row Refresh (TRR), a hardware defense, by using specific memory access patterns. GPUBreach further bypasses IOMMU isolation by exploiting NVIDIA driver vulnerabilities. Effectiveness varies by GPU model, with consumer-grade GPUs more susceptible than professional-grade GPUs with ECC enabled. These attacks pose a theoretical risk to cloud providers renting GPU resources, potentially allowing a malicious tenant to compromise entire servers. However, the complexity and hardware specificity limit practical exploitation currently.
Potential Impact
If successfully exploited, these Rowhammer attacks could allow an attacker to escalate privileges within GPU memory, access or modify sensitive data in GPU and system RAM, and potentially compromise entire servers in multi-tenant cloud environments. The GPUBreach attack can bypass IOMMU protections, increasing the risk of cross-component compromise. However, no known exploits are reported in the wild, and the attacks require detailed hardware profiling and sophisticated techniques. ECC memory and IOMMU can mitigate or prevent these attacks, reducing their practical impact on systems with these protections enabled.
Mitigation Recommendations
No official patches or vendor advisories are currently available for these attacks. Enabling ECC memory on GPUs, where supported (e.g., Nvidia RTX A6000), effectively prevents these Rowhammer attacks. Enabling IOMMU can isolate GPU memory from system memory, mitigating escalation risks, although GPUBreach can bypass this via driver vulnerabilities. Monitoring for vendor advisories and applying updates to GPU drivers promptly is recommended to address potential driver-level exploits. Given the theoretical nature and complexity of these attacks, no immediate emergency remediation is required, but system owners should consider enabling ECC and IOMMU protections where feasible and stay alert for future patches or mitigations.
Three Rowhammer attacks targeting GDDR6 | Kaspersky official blog
Description
Three new research papers describe theoretical Rowhammer attacks targeting GDDR6 video memory in GPUs, named GDDRHammer, GeForge, and GPUBreach. These attacks exploit physical memory vulnerabilities to manipulate GPU page tables, potentially allowing an attacker to access or modify GPU and system memory. GPUBreach can bypass IOMMU protections by exploiting NVIDIA driver bugs. While these attacks demonstrate significant security implications for GPU-accelerated AI and cloud infrastructure, they require highly sophisticated, targeted efforts and specific hardware profiling. ECC memory and IOMMU can mitigate some attacks, but GPUBreach shows these protections can be circumvented. No known exploits in the wild or patches are currently reported.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The three studies—GDDRHammer, GeForge, and GPUBreach—describe advanced Rowhammer-style attacks on GDDR6 memory used in GPUs. Rowhammer exploits physical properties of densely packed memory cells to induce bit flips in adjacent cells by repeated access. These attacks manipulate GPU page tables to gain arbitrary read/write access to GPU and system RAM. GDDRHammer and GeForge bypass Target Row Refresh (TRR), a hardware defense, by using specific memory access patterns. GPUBreach further bypasses IOMMU isolation by exploiting NVIDIA driver vulnerabilities. Effectiveness varies by GPU model, with consumer-grade GPUs more susceptible than professional-grade GPUs with ECC enabled. These attacks pose a theoretical risk to cloud providers renting GPU resources, potentially allowing a malicious tenant to compromise entire servers. However, the complexity and hardware specificity limit practical exploitation currently.
Potential Impact
If successfully exploited, these Rowhammer attacks could allow an attacker to escalate privileges within GPU memory, access or modify sensitive data in GPU and system RAM, and potentially compromise entire servers in multi-tenant cloud environments. The GPUBreach attack can bypass IOMMU protections, increasing the risk of cross-component compromise. However, no known exploits are reported in the wild, and the attacks require detailed hardware profiling and sophisticated techniques. ECC memory and IOMMU can mitigate or prevent these attacks, reducing their practical impact on systems with these protections enabled.
Mitigation Recommendations
No official patches or vendor advisories are currently available for these attacks. Enabling ECC memory on GPUs, where supported (e.g., Nvidia RTX A6000), effectively prevents these Rowhammer attacks. Enabling IOMMU can isolate GPU memory from system memory, mitigating escalation risks, although GPUBreach can bypass this via driver vulnerabilities. Monitoring for vendor advisories and applying updates to GPU drivers promptly is recommended to address potential driver-level exploits. Given the theoretical nature and complexity of these attacks, no immediate emergency remediation is required, but system owners should consider enabling ECC and IOMMU protections where feasible and stay alert for future patches or mitigations.
Technical Details
- Article Source
- {"url":"https://www.kaspersky.com/blog/gddrhammer-geforge-gpubreach-attacks/55607/","fetched":true,"fetchedAt":"2026-04-14T17:47:36.006Z","wordCount":1453}
Threat ID: 69de7db882d89c981fd91337
Added to database: 4/14/2026, 5:47:36 PM
Last enriched: 4/14/2026, 5:47:44 PM
Last updated: 4/14/2026, 8:07:01 PM
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.