CUDA, Woulda, Shoulda: Returning Exploits in a SASS-y World

Jonas Roels; Adriaan Jacobs; Stijn Volckaert

doi:10.1145/3722041.3723099

What is it about?

This paper proves that Return-Oriented Programming (ROP) is a viable attacker primitive on Graphics Processing Units (GPUs), just like on the CPU. Previous work dismissed its expressiveness, limiting its effectiveness to simple attacks that could be achieved with other techniques. Nevertheless, we demonstrate that Turing-complete ROP chains are once again possible. Therefore, we want this paper to function as a call to arms for GPU manufacturers and developers to design comprehensive memory safety mitigations for GPUs.

Photo by Nana Dua on Unsplash

Why is it important?

We are the first to demonstrate that arbitrary computations are possible using ROP-based attacks on GPUs. This shows that GPUs, like CPUs decades ago, are vulnerable to many attacks and thus need comprehensive mitigations.

This page is a summary of: CUDA, Woulda, Shoulda: Returning Exploits in a SASS-y World, March 2025, ACM (Association for Computing Machinery),
DOI: 10.1145/3722041.3723099.
You can read the full text:

Read

Contributors

The following have contributed to this page

CUDA, Woulda, Shoulda: Hacking Your GPU Using Return-Oriented Programming (ROP)

What is it about?

Why is it important?

Contributors

Discover more

Medical Research

Life Sciences

Physical Sciences

Technology and Engineering

Environmental Research

Arts and Humanities

Social Sciences

Business and Management

CUDA, Woulda, Shoulda: Hacking Your GPU Using Return-Oriented Programming (ROP)

What is it about?

Featured Image

Why is it important?

Read the Original

Contributors

Share this page:

Discover more

Medical Research

Life Sciences

Physical Sciences

Technology and Engineering

Environmental Research

Arts and Humanities

Social Sciences

Business and Management