Nvidia cards based on GDDR6 are vulnerable to the GPUBreach flaw, and protection against it is not yet available

New threat for NVIDIA graphics cards: GPUBreach

In 2024 researchers discovered new vulnerabilities in GDDR6 memory GPUs that allow attacking the system even with IOMMU enabled. The new name – GPUBreach – adds another level of complexity to already known attacks *GDDRHammer* and *GeForge*.

What is GPUBreach?
1. GPU page table distortion

The attack starts by corrupting the graphics processor (GPU) page table. After that, the attacker gains control over GPU memory.

2. CUDA access to arbitrary memory

CUDA module privileges are elevated to read and write any GPU memory regions, even if the system is protected by IOMMU.

3. Kernel takeover

By combining this step with recently discovered security bugs in NVIDIA drivers, researchers move from GPU control to compromising the operating system kernel (CPU).

As a result, the attacker can gain access to a shell with superuser privileges.

Cards tested
- NVIDIA RTX A6000 – professional GDDR6 card with built‑in ECC support.

- Reputable researchers believe the vulnerability also extends to more mainstream models such as the RTX 3060, although this has not been officially confirmed.

How GPUBreach differs from previous attacks
Attack | Access to CPU memory | Privileges with IOMMU enabled | GDDRHammer | GeForge | GPUBreach
---|---|---|---|---|---
Yes, but without privilege escalation | No | Yes, only if IOMMU is disabled | No | Yes, and it raises privileges even with IOMMU enabled ✔

Thus, GPUBreach is considered the most advanced of the three published scenarios.

What NVIDIA recommends
- Enable System‑Level ECC if available.

Researchers acknowledge that ECC can protect against some bit errors but is not a “complete” solution to the vulnerability.

- Consumer GeForce and mobile GPUs usually lack ECC support, so the risk is higher.

Conclusion
GPUBreach demonstrates that even with modern protection mechanisms (IOMMU, ECC), NVIDIA graphics processors remain vulnerable to serious attacks. Users and administrators should take this threat into account and monitor for driver and firmware updates from NVIDIA.