New Rowhammer attacks exploit Nvidia GPUs for full machine control
Original: New Rowhammer attacks give complete control of machines running Nvidia GPUs
Why This Matters
Demonstrates serious security risks in shared GPU cloud environments and data centers.
Three new Rowhammer attacks exploit Nvidia GPU memory flaws to gain complete root control of host machines. Researchers demonstrated attacks on Ampere generation cards that flip bits in GDDR memory to access CPU memory and fully compromise systems.
Researchers unveiled three novel Rowhammer attacks targeting high-performance Nvidia GPUs that can give attackers complete control of host machines. The attacks exploit bit flips in GDDR memory through repeated rapid access, similar to traditional CPU-based Rowhammer techniques first discovered in 2014. Two independent research teams demonstrated successful attacks on Nvidia's Ampere generation cards, including the RTX A6000. Unlike previous GPU Rowhammer research that achieved only eight bitflips with limited damage, these new attacks can flip GDDR bits to gain arbitrary read/write access to CPU memory, resulting in full system compromise. The attacks work when IOMMU memory management is disabled, which is the default BIOS setting. A third attack unveiled Friday reportedly works even with IOMMU enabled. The vulnerability is particularly concerning for cloud environments where expensive GPUs are shared among multiple users.