A group of researchers from the University of Toronto has developed an attack technique called GPUBreach, which, like the recently announced GDDRHammer and GeForge attacks, uses the RowHammer technique to corrupt bits in GDDR video memory and damage the GPU's memory page tables. GPUBreach makes it possible to gain root access to the main system environment by executing an unprivileged CUDA kernel on an NVIDIA GPU.
A distinguishing feature of the attack is that it works with the IOMMU enabled. To bypass the IOMMU, the attack corrupts the state of the proprietary NVIDIA driver running at the kernel level and triggers a buffer overflow in it, which it then uses to overwrite the contents of kernel structures. The researchers also show the attack being used to extract encryption keys from GPU memory used by the cuPQC library, which speeds up cryptographic calculations offloaded to the GPU.