Post

GPUBreach Exploit Uses GPU Memory Bit-Flips for Full System Takeover

Posted
By ictsec.pl
2 min read
GPUBreach Exploit Uses GPU Memory Bit-Flips for Full System Takeover

GPUBreach Exploit Overview

The GPUBreach attack technique utilizes GPU memory bit-flips to escalate privileges and potentially take full control of a system. New research indicates that attacks like GPUBreach exploit RowHammer bit-flips in GPU memory (GDDR6) to go beyond mere data corruption. Attackers can leverage this technique to escalate privileges and, in some cases, gain full control of the system. Unlike earlier GPUHammer methods, this approach demonstrates that GPU memory faults can directly impact CPU-level security, making the threat significantly more serious. ๐Ÿš€

Key Findings

  • Privilege Escalation: GPUBreach shows that GPU Rowhammer attacks can extend beyond data corruption to real privilege escalation. By corrupting GPU page tables, an unprivileged CUDA kernel can gain arbitrary GPU memory read/write access, which can then be chained into CPU-side escalation by exploiting newly discovered memory-safety bugs in the NVIDIA driver.
  • System Compromise: The result is a system-wide compromise up to a root shell, without the need to disable IOMMU, unlike contemporary works, making GPUBreach a more potent threat.
  • Data Theft: By targeting GPU page tables in memory, attackers can manipulate them through bit flips, enabling arbitrary read/write access, data theft (including cryptographic keys), and manipulation of machine learning models.

Implications

The leakage of secret keys from NVIDIA cuPQC, a library used to accelerate post-quantum cryptography, occurs when keys reside in GPU DRAM during operations such as key exchange. By tampering with one branch in cuBLAS SASS in GPU memory, accuracy can be universally driven down (for example, from 80% accuracy to 0%), more stealthily than prior weight tampering attacks; sensitive LLM weights can also be leaked.

Critically, the attack can escalate to CPU-level privileges, even with protections like input-output memory management unit (IOMMU) enabled, allowing attackers to gain root access and fully compromise the system. GPUBreach, GDDRHammer, and GeForge all demonstrate that GPU Rowhammer can corrupt page tables and enable GPU-side privilege escalation. However, GPUBreach stands out because it also achieves CPU privilege escalation even with IOMMU enabled.

Recommendations

ECC can help mitigate Rowhammer by correcting single-bit errors and detecting double-bit flips, so enabling it on supported GPUs is recommended. However, it fails against multi-bit flips and may allow silent corruption. Consumer GPUs lack ECC, leaving them without effective protection. โ€œECC is not a foolproof mitigation against GPUBreach,โ€ concludes the researchers. โ€œOn desktop or laptop GPUs, where ECC is currently unavailable, there are no known mitigations to our knowledge.โ€

For more details, check out the full article: Read full article

CYBERSECURITY
GPUBREACH GPU SECURITY EXPLOIT
This post is licensed under CC BY 4.0 by the author.