Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

GPUBreach GPU Rowhammer research enables GDDR6 page-table corruption and privilege escalation

Technical Analysis
First reported
Last updated
Happening score
H score 16
2 unique sources, 2 articles

Summary

Hide ▲

GPUBreach research shows Rowhammer bit flips in GDDR6 can corrupt GPU page tables, creating a path to arbitrary GPU memory read/write and potential full system compromise. The finding matters because the escalation chain can succeed with IOMMU enabled, weakening a common memory-isolation defense. The work is scheduled for presentation at the IEEE Symposium on Security & Privacy on April 13.

Related Happenings

Popular open-source web-based system administration tool zero-day 2FA-bypass security flaw

Vulnerability
First: 11.05.2026 16:00 Last: 11.05.2026 16:00 Sources 1

About this happening: An **AI-assisted zero-day** in a **popular open-source web-based system administration tool** created a **2FA-bypass** risk before the flaw was closed by the vendor. **GTIG** said...

Open Happening

Google GTIG analysis of adversary AI use for exploit development and attack orchestration

Technical Analysis
First: 11.05.2026 16:00 Last: 11.05.2026 16:00 Sources 1

About this happening: **Google Threat Intelligence Group** published findings showing **adversaries using AI** for **exploit development** and **attack orchestration**, signaling that model-assisted tr...

Open Happening

Linux kernel Dirty Frag and Copy Fail 2 privilege escalation (multiple vulnerabilities)

Vulnerability
First: 11.05.2026 11:15 Last: 11.05.2026 11:15 Sources 1

About this happening: A newly disclosed **Linux kernel** local privilege-escalation flaw, **Dirty Frag and Copy Fail 2**, can let an unprivileged user reach **root** on affected systems. The bug chains...

Open Happening

Windows zero-day exploitation wave

Exploitation Wave
First: 17.04.2026 09:14 Last: 17.04.2026 09:14 Sources 1

About this happening: **BlueHammer**, **RedSun**, and **UnDefend** are being exploited in the wild against **Windows** devices, creating active risk of **SYSTEM** or elevated administrator compromise....

Latest development: 23.04.2026 14:05

CISA added BlueHammer, tracked as CVE-2026-33825, to its Known Exploited Vulnerabilities (KEV) Catalog and ordered Federal Civilian Executive Branch (FCEB) agencies to patch Microsoft Defender on Windows systems within two weeks, until May 7. The federal directive targets ongoing zero-day abuse of the flaw on U.S. government systems.

Open Happening

Windows Task Host link-following privilege escalation (CVE-2025-60710)

Vulnerability
First: 15.04.2026 17:51 Last: 15.04.2026 17:51 Sources 1

About this happening: CISA added **CVE-2025-60710** to its actively exploited catalog after finding a **Windows Task Host** link-following flaw that can let **local attackers** escalate to **SYSTEM** o...

Open Happening

Timeline

  1. 07.04.2026 00:44 1 articles · 1mo ago

    GPUBreach findings disclosed to NVIDIA, Google, AWS, and Microsoft

    Initial Disclosure

    University of Toronto researchers reported GPUBreach findings to NVIDIA, Google, AWS, and Microsoft on November 11, 2025, flagging a GPU Rowhammer chain that can flip bits in GDDR6 memory, corrupt GPU page tables, and enable privilege escalation through NVIDIA driver memory-safety bugs.

    Show sources
    Open in new tab
  2. 07.04.2026 00:44 2 articles · 1mo ago

    GPUBreach public technical disclosure and presentation schedule

    Technical Analysis Update

    University of Toronto researchers publicly disclosed GPUBreach, a GPU Rowhammer attack against GDDR6 memory that can corrupt GPU page tables, grant arbitrary GPU memory read/write through an unprivileged CUDA kernel, and chain into NVIDIA driver memory-safety bugs for full system compromise; the work was scheduled for presentation at the IEEE Symposium on Security & Privacy in Oakland on April 13.

    Show sources
    Open in new tab