Rowhammer vs. Nvidia GPUs

Researchers from three groups have demonstrated that Rowhammer attacks are applicable to the GDDR memory of modern GPUs. The GDDRHammer, GeForge, and GPUBreach techniques show how an unprivileged user can gain root access on the host system by inducing bit flips in GPU memory and breaking isolation between the GPU and CPU.

📍GDDRHammer targets the RTX 6000 (Ampere) using new hammering patterns and memory massaging techniques. It breaks GPU page table isolation and enables read/write access to CPU memory. The attack requires IOMMU to be disabled.

📍GeForge manipulates page tables, achieving up to 1,171 bit flips on the RTX 3060. The proof of concept demonstrates obtaining a root shell on the host. It also requires IOMMU to be disabled.

📍GPUBreach exploits memory safety flaws in the Nvidia driver, causing out‑of‑bounds writes to IOMMU buffers even when IOMMU is enabled. It works on the RTX A6000 and leads to kernel-level code execution and full system compromise.

📎 Articles:
• Rowhammer: https://users.ece.cmu.edu/~yoonguk/papers/kim-isca14.pdf • GDDRHammer: https://gddr.fail/files/gddr.pdf • GeForge: https://gddr.fail/ • GPUBreach: https://www.gpubreach.ca/

💬 Discuss