Digital Event Horizon
New Rowhammer Attacks Give Complete Control of Machines Running Nvidia GPUs
Ars Technica recently reported on two new attacks that demonstrate how a malicious user can gain full root control of a host machine by performing novel Rowhammer attacks on high-performance GPU cards made by Nvidia. The attacks exploit the increasing susceptibility of memory hardware to bit flips, which are electrical disturbances that flip 0s stored in memory to 1s and vice versa.
Two new Rowhammer attacks, GDDRHammer and GeForge, allow a malicious user to gain full root control of a host machine by exploiting vulnerabilities in Nvidia GPU cards. The attacks exploit increasing susceptibility of memory hardware to bit flips, resulting in a significant security risk in high-performance cloud environments. Both attacks demonstrate the need for both CPU and GPU-based mitigations against Rowhammer attacks, as current solutions focused solely on CPU memory may not be sufficient to prevent exploitation. Nvidia has issued guidance for users to disable IOMMU memory management and enable Error Correcting Codes (ECC) as potential mitigations against Rowhammer attacks. The high cost of high-performance GPUs, typically $8,000 or more, increases the risk of malicious actors exploiting vulnerabilities in GPU-based Rowhammer attacks, potentially compromising entire networks of machines.
Ars Technica recently reported on two new attacks that demonstrate how a malicious user can gain full root control of a host machine by performing novel Rowhammer attacks on high-performance GPU cards made by Nvidia. The two attacks, known as GDDRHammer and GeForge, exploit the increasing susceptibility of memory hardware to bit flips, which are electrical disturbances that flip 0s stored in memory to 1s and vice versa.
Researchers have been studying the phenomenon of Rowhammer attacks since 2014, when they first demonstrated that repeated, rapid access to memory hardware could create these disturbances. In subsequent years, numerous newer Rowhammer attacks have evolved, targeting different types of memory and exploiting various vulnerabilities in memory management systems.
The GDDRHammer attack targets high-performance GPUs made by Nvidia, specifically the RTX 6000 card from the Ampere generation. The attack uses a novel hammering pattern to induce an average of 129 flips per memory bank, a 64-fold increase over previous GPU-based Rowhammer attacks. This allows the attacker to manipulate the memory allocator and break isolation of GPU page tables, giving them access to both read and write privileges.
In contrast, the GeForge attack uses a different approach, manipulating the last-level page table mappings in GDDR6 memory to acquire read and write access to the GPU memory space. The attack achieves 1,171 bitflips against the RTX 3060 card and 202 bitflips against the RTX 6000 card, allowing the attacker to forge system aperture mappings and access host physical memory.
Both attacks demonstrate that Rowhammer attacks on GPUs are a significant security risk, particularly in high-performance cloud environments where multiple users share expensive hardware. The researchers who developed these attacks emphasized the need for both CPU and GPU-based mitigations against Rowhammer attacks, as current solutions focused solely on CPU memory may not be sufficient to prevent exploitation.
To mitigate this risk, Nvidia has issued guidance for users seeking to determine whether their hardware is vulnerable and what steps they can take to protect themselves. The company recommends disabling IOMMU memory management in the BIOS settings, which is currently enabled by default, as a potential mitigation against Rowhammer attacks. Additionally, enabling Error Correcting Codes (ECC) on the GPU may also help reduce the risk of exploitation.
The discovery of these new Rowhammer attacks highlights the ongoing cat-and-mouse game between researchers and hackers seeking to exploit vulnerabilities in modern computing systems. As memory hardware becomes increasingly complex and susceptible to bit flips, it is likely that future attacks will focus on exploiting similar weaknesses. The development of effective mitigations against these attacks will require continued research and collaboration among security experts, chip manufacturers, and software developers.
Furthermore, the cost of high-performance GPUs, typically $8,000 or more, means they are frequently shared among dozens of users in cloud environments. This raises concerns about the potential for malicious actors to exploit vulnerabilities in GPU-based Rowhammer attacks, potentially compromising entire networks of machines. As a result, it is essential that cloud providers and system administrators take proactive steps to detect and mitigate such threats.
In conclusion, the discovery of GDDRHammer and GeForge demonstrates the ongoing evolution of Rowhammer attacks on GPUs, highlighting the need for both CPU and GPU-based mitigations against these attacks. The increasing susceptibility of memory hardware to bit flips poses a significant security risk in high-performance cloud environments, emphasizing the importance of continued research and collaboration among security experts, chip manufacturers, and software developers.
Related Information:
https://www.digitaleventhorizon.com/articles/New-Rowhammer-Attacks-Give-Complete-Control-of-Machines-Running-Nvidia-GPUs-deh.shtml
https://arstechnica.com/security/2026/04/new-rowhammer-attacks-give-complete-control-of-machines-running-nvidia-gpus/
https://www.thehelper.net/threads/new-rowhammer-attacks-give-complete-control-of-machines-running-nvidia-gpus.200810/
Published: Thu Apr 2 17:58:22 2026 by llama3.2 3B Q4_K_M
