Machines running high-performance Nvidia GPU cards, which are prevalent in cloud environments, could be completely hijacked through three new Rowhammer intrusions, Ars Technica reports.Both the GDDRHammer and GeForge attacks discovered by two different groups of researchers could target Nvidia RTX 6000 chips using the Ampere architecture to trigger GDDR bitflips that result in total CPU memory takeovers, provided that IOMMU memory management is deactivated. Despite Rowhammer protections on the CPU, attackers could use GDDRHammer to Rowhammer the CPU and later compromise the CPU, according to researcher Andrew Kwong. New hammering patterns and memory massaging techniques have also been leveraged by GeForge for GPU page table mapping corruption in GDDR6 memory.On the other hand, GPUBreach, which was uncovered by another set of researchers, harnesses GPU driver-based memory safety vulnerabilities to elevate privileges to root even with IOMMU enabled. While no Rowhammer attack has been observed in the wild so far, such findings emphasize the potential security risks faced by GPUs.
Cloud Security, Hardware, Vulnerability Management
Total takeover of Nvidia GPU-based devices possible with novel Rowhammer attacks

(Adobe Stock)
An In-Depth Guide to Cloud Security
Get essential knowledge and practical strategies to fortify your cloud security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



