New GPU Rowhammer Attacks on Nvidia Cards Enable Full System Takeover


High-performance GPUs, often priced at $8,000 or more, are commonly shared among multiple users in cloud environments—making them attractive targets for attackers. Researchers have now uncovered three new attack techniques that allow a malicious user to gain full root access to a host system by exploiting advanced Rowhammer vulnerabilities in Nvidia GPUs.
These attacks take advantage of a growing weakness in memory hardware known as bit flipping, where stored binary values (0s and 1s) unintentionally switch. First identified in 2014, Rowhammer showed that repeatedly accessing DRAM could create electrical interference, causing such bit flips. By 2015, researchers demonstrated that targeting specific memory rows could escalate privileges or bypass security protections. Earlier exploits focused primarily on DDR3 memory.
Rowhammer’s Evolution from CPUs to GPUs
Over the past decade, Rowhammer techniques have significantly advanced. Researchers have expanded attacks to newer DRAM types like DDR4, including those with protections such as ECC (Error Correcting Code) and Target Row Refresh. New strategies like Rowhammer feng shui and RowPress allow attackers to precisely target sensitive memory areas. These methods have enabled attacks across networks, extraction of encryption keys, and even compromising Android devices.
Only recently have researchers begun targeting GDDR memory used in GPUs. Initial results were limited, producing minimal bit flips and only affecting neural network outputs. However, new findings mark a major escalation.
Two independent research teams recently demonstrated attacks on Nvidia’s Ampere-generation GPUs that can trigger GDDR memory bit flips capable of compromising CPU memory. This effectively gives attackers complete control over the host machine—provided IOMMU (input-output memory management unit) is disabled, which is typically the default BIOS setting.
“Our work shows that Rowhammer, which is well-studied on CPUs, is a serious threat on GPUs as well,” said Andrew Kwong, co-author of one of the studies, “GDDRHammer: Greatly Disturbing DRAM Rows—Cross-Component Rowhammer Attacks from Modern GPUs.” “With our work, we… show how an attacker can induce bit flips on the GPU to gain arbitrary read/write access to all of the CPU’s memory, resulting in complete compromise of the machine.”
A third technique, revealed shortly after, further intensifies concerns. Unlike earlier methods, this attack—called GPUBreach—works even when IOMMU protections are enabled.
“By corrupting GPU page tables, an unprivileged CUDA kernel can gain arbitrary GPU memory read/write, and then chain that capability into CPU-side escalation by exploiting newly discovered memory-safety bugs in the NVIDIA driver,” the researchers explained. “The result is system-wide compromise up to a root shell, without disabling IOMMU, unlike contemporary works, making GPUBreach a more potent threat.”
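Because the first two attacks depend on the IOMMU being disabled, the first thing an administrator of a shared GPU host will want is an audit of whether each Nvidia PCI function actually sits in an IOMMU group. The script below is an added example, not code from either research team; it reads the standard Linux sysfs paths (/sys/kernel/iommu_groups and /sys/bus/pci/devices, Nvidia's PCI vendor ID 0x10de) and includes a constructed sysfs tree for demonstration. As the GPUBreach quote above notes, an enabled IOMMU is not a complete defence against the third technique.

```python
import tempfile
from pathlib import Path

NVIDIA_VENDOR_ID = "0x10de"  # PCI vendor ID assigned to Nvidia


def iommu_groups(sysfs_root: Path) -> dict[str, list[str]]:
    """Map each IOMMU group to the PCI functions (BDFs) it contains.
    /sys/kernel/iommu_groups exists on every kernel but only gains
    subdirectories when an IOMMU is active, so an empty result means
    devices can DMA into host memory without address translation."""
    groups: dict[str, list[str]] = {}
    base = sysfs_root / "kernel" / "iommu_groups"
    if base.is_dir():
        for group in sorted(base.iterdir()):
            devices = group / "devices"
            if devices.is_dir():
                groups[group.name] = sorted(d.name for d in devices.iterdir())
    return groups


def audit_nvidia_iommu(sysfs_root: Path = Path("/sys")) -> dict[str, bool]:
    """Return {bdf: True if the function is in an IOMMU group} for every
    PCI function carrying Nvidia's vendor ID; False flags an exposed GPU."""
    protected = {bdf for devs in iommu_groups(sysfs_root).values() for bdf in devs}
    report: dict[str, bool] = {}
    pci = sysfs_root / "bus" / "pci" / "devices"
    if pci.is_dir():
        for dev in pci.iterdir():
            try:
                vendor = (dev / "vendor").read_text().strip().lower()
            except OSError:
                continue  # not a PCI device entry we can read
            if vendor == NVIDIA_VENDOR_ID:
                report[dev.name] = dev.name in protected
    return report


def demo() -> dict[str, bool]:
    """Run the audit on a constructed (fake) sysfs tree: two Nvidia functions,
    one in IOMMU group 7 and one left outside, plus an unrelated Intel device."""
    root = Path(tempfile.mkdtemp())
    for bdf, vendor in (("0000:01:00.0", "0x10de"), ("0000:02:00.0", "0x10de"),
                        ("0000:00:1f.0", "0x8086")):
        d = root / "bus" / "pci" / "devices" / bdf
        d.mkdir(parents=True)
        (d / "vendor").write_text(vendor + "\n")
    (root / "kernel" / "iommu_groups" / "7" / "devices" / "0000:01:00.0").mkdir(parents=True)
    return audit_nvidia_iommu(root)


if __name__ == "__main__":
    for bdf, ok in sorted(audit_nvidia_iommu().items()):
        print(f"{bdf}: {'in IOMMU group' if ok else 'NOT behind IOMMU'}")
    print("constructed demo:", demo())
```

Run it as root on the GPU host; any function reported as NOT behind IOMMU means the BIOS or kernel (intel_iommu/amd_iommu) setting still needs attention.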
Inside the Attacks: GDDRHammer, GeForge, and GPUBreach
The first method, GDDRHammer, targets Nvidia RTX 6000 GPUs from the Ampere architecture. Using advanced hammering patterns and a technique called memory massaging, it significantly increases the number of bit flips and breaks memory isolation. This


This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents