New Rowhammer Attacks Give Complete Control of Machines Running Nvidia GPUs
Two independent teams demonstrated GPU Rowhammer attacks (GDDRHammer and GeForge) that flip bits in Nvidia's GDDR memory to corrupt GPU page tables and gain read/write access to the CPU's memory, potentially taking full control of the host when IOMMU is disabled. They suggest mitigations such as enabling IOMMU and ECC, noting CPU protections alone are insufficient against GPU-side Rowhammer.
Rowhammer Attacks on Nvidia GPUs GDDRHammer and GeForge demonstrate GPU-based Rowhammer attacks that flip memory bits to gain read/write access to CPU memory and achieve full host compromise. | 2:00Original | |
GPU Rowhammer Attacks Researchers demonstrated that GPU Rowhammer on Nvidia Ampere cards can flip bits to gain arbitrary read/write access to CPU memory and fully compromise the host. | 2:59Original | |
GPU Page Tables and Rowhammer GDDRHammer and GeForge steer GPU page tables into unprotected memory to read and write CPU memory, enabling host privilege escalation, with IOMMU and ECC as mitigations. | 3:18Original |