GPUBreach: Privilege Escalation Attacks on GPUs Using Rowhammer

NVIDIA GPUs with GDDR memories have been shown susceptible to Rowhammer-based bit-flips, similar to CPUs. However, Rowhammer exploits on GPUs have been limited to injecting untargeted bit-flips in victim data like weights of machine learning models, to degrade model accuracy, unlike CPU exploits...

New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips

New academic research has identified multiple RowHammer attacks against high-performance graphics processing units GPUs that could be exploited to escalate privileges and, in some cases, even take full control of a host. The efforts have been codenamed GPUBreach , GDDRHammer, and GeForge. GPUBrea...

EUVD-2024-46524

Malicious code in bioql PyPI...

SLasH-DSA: Breaking SLH-DSA Using an Extensible End-To-End Rowhammer Framework

As quantum computing advances, PQC schemes are adopted to replace classical algorithms. Among them is the SLH-DSA that was recently standardized by NIST and is favored for its conservative security foundations. In this work, we present the first software-only universal forgery attack on SLH-DSA,...

CVE-2025-6202

CVE-2025-6202 Phoenix Rowhammer is a hardware-level vulnerability in SK Hynix DDR5 modules (manufactured 2021–2024) that allows a local attacker to trigger memory row bit flips. The issue bypasses protection such as TRR, exploiting defined “blind zones” (e.g., after 128 and 2,608 tREFI updates) w...

CVE-2025-6202 Phoenix: Rowhammer attack on Hynix DDR5 devices

Vulnerability in SK Hynix DDR5 on x86 allows a local attacker to trigger Rowhammer bit flips impacting the Hardware Integrity and the system's security. This issue affects DDR5: DIMMs produced from 2021-1 until 2024-12...

CVE-2025-6202 Phoenix: Rowhammer attack on Hynix DDR5 devices

Vulnerability in SK Hynix DDR5 on x86 allows a local attacker to trigger Rowhammer bit flips impacting the Hardware Integrity and the system's security. This issue affects DDR5: DIMMs produced from 2021-1 until 2024-12...

Linux Distros Unpatched Vulnerability : CVE-2015-0565

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible. CVE-2015-0565 Note that Nessus relies on the presence of the package as reporte...

GPUHammer: New RowHammer Attack Variant Degrades AI Models on NVIDIA GPUs

NVIDIA is urging customers to enable System-level Error Correction Codes ECC as a defense against a variant of a RowHammer attack demonstrated against its graphics processing units GPUs. "Risk of successful exploitation from RowHammer attacks varies based on DRAM device, platform, design...

Security Notice: Rowhammer - July 2025

NVIDIA has released this security notice in response to customer inquiries about potential impacts to NVIDIA GPUs from Rowhammer attacks. Go to NVIDIA Product Security. Details NVIDIA has received new research related to the industry-wide DRAM issue known as “Rowhammer”. The research demonstrates...

GPUHammer: Rowhammer Attacks on GPU Memories Are Practical

Rowhammer is a read disturbance vulnerability in modern DRAM that causes bit-flips, compromising security and reliability. While extensively studied on Intel and AMD CPUs with DDR and LPDDR memories, its impact on GPUs using GDDR memories, critical for emerging machine learning applications,...

CVE-2022-42961

An issue was discovered in wolfSSL before 5.5.0. A fault injection attack on RAM via Rowhammer leads to ECDSA key disclosure. Users performing signing operations with private ECC keys, such as in server-side TLS connections, might leak faulty ECC signatures. These signatures can be processed via ...

SUSE CVE-2024-5288

An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSLCHECKSIGFAULTS is used in signing operations with private ECC keys, such as in server-side TLS connections, the connection is halted if any fault...

Azure Linux 3.0 Security Update: mariadb (CVE-2024-2881)

The version of mariadb installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-2881 advisory. - Fault Injection vulnerability in wced25519signmsg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL...

New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors

More than six years after the Spectre security flaw impacting modern CPU processors came to light, new research has found that the latest AMD and Intel processors are still susceptible to speculative execution attacks. The attack, disclosed by ETH Zürich researchers Johannes Wikner and Kaveh...

UBUNTU-CVE-2024-1545

Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the...

DEBIAN-CVE-2024-5288

An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSLCHECKSIGFAULTS is used in signing operations with private ECC keys, such as in server-side TLS connections, the connection is halted if any fault...

PT-2024-24129 · Open Quantum Safe · Liboqs

Name of the Vulnerable Software and Affected Versions: Open Quantum Safe liboqs version 10.0 Description: An issue in Open Quantum Safe liboqs allows a remote attacker to escalate privileges via the crypto sign signature parameter in the /pqcrystals-dilithium-standard ml-dsa-44-ipd avx2/sign.c...

CLSA-2024-1713370315 sudo: Fix of CVE-2023-42465

CVE-2023-42465: Make sudo less vulnerable to ROWHAMMER attacks...

SUSE: Security Advisory (SUSE-SU-2024:0797-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...