What happened
Researchers discovered new Rowhammer attacks, "GDDRHammer" and "GeForge," gaining root access to system CPUs via Nvidia GPU GDDR6 memory. These attacks induce VRAM bit flips (e.g., 1,171 on RTX 3060, 202 on RTX A6000), modifying GPU page tables for arbitrary CPU memory read/write. Most of 25 tested GDDR6 GPUs were vulnerable; GDDR6X/GDDR7 cards were not compromised. Nvidia suggests ECC (reduces VRAM, performance) or IOMMU (often disabled) as mitigations.
Why it matters
Full system compromise via GPU memory impacts security architects and platform engineers, expanding the attack surface beyond CPU vulnerabilities. Rowhammer bit flips in GDDR6 VRAM enable arbitrary CPU memory read/write, bypassing isolation. ECC mitigates this but reduces VRAM capacity and performance. IOMMU, by sandboxing GPU access, offers defence, yet its default disabled state creates a configuration challenge. This follows last year's "GPUHammer" discovery, which degraded AI model accuracy.
Subscribe for Weekly Updates
Stay ahead with our weekly AI and tech briefings, delivered every Tuesday.
