- Rowhammer attacks now extend beyond CPUs to high-performance GPUs
- GPU memory manipulation allows direct access to CPU memory systems
- New attacks manage to completely compromise the system thanks to controlled bit flips
Rowhammer has been a known problem in CPU-oriented DRAM for over a decade, but the same weaknesses now apply to high-performance GPUs with potentially similar consequences.
The attacks show that an attacker can cause bit flips on the GPU to gain arbitrary read and write access to all CPU memory.
Three research teams, working independently, revealed that Nvidia’s Ampere generation cards, including the RTX 3060 and RTX 6000 models, are vulnerable to these attacks.
What the new attacks actually do
“Our work shows that Rowhammer, which is well studied on CPUs, also poses a serious threat to GPUs,” said Andrew Kwong, co-author of one of the papers.
“With our work, we show how an attacker can cause bit flips on the GPU to gain arbitrary read and write access to all CPU memory, resulting in a complete compromise of the machine.”
The first attack, called GDDRHammer, induces an average of 129 bit flips per memory bank on the RTX 6000.
This represents a 64-fold increase over previous GPU Rowhammer attempts documented last year.
The second attack, named GeForge and authored by Zhenkai Zhang and his team, achieved 1,171 bit flips against the RTX 3060 and 202 bit flips against the RTX 6000.
Both attacks use new hammering patterns and a technique called memory massaging to corrupt GPU page tables.
Once the page tables are corrupted, an attacker can gain arbitrary read and write access to the GPU’s memory space and from there can also access the host CPU’s memory, leading to complete system compromise.
A third attack called GPUBreach takes a different and more concerning approach. It exploits memory safety bugs in the Nvidia driver itself rather than relying solely on bit flips.
The researchers behind GPUBreach explained that by corrupting the GPU’s page tables, an unprivileged CUDA kernel can gain arbitrary read and write access to GPU memory.
GPUBreach corrupts metadata in allowed buffers, causing attacker-controlled out-of-bounds writes. The result is a root shell on the host machine without requiring any special hardware configuration.
Enabling the IOMMU blocks GDDRHammer and GeForge, but GPUBreach still succeeds even when the IOMMU is enabled in the BIOS.
IOMMU is disabled by default on most systems because enabling it reduces performance, and many administrators leave it disabled for this reason.
However, enabling error-correcting codes on the GPU provides some protection against all three attacks.
Both mitigations incur a performance penalty because they reduce the available usable memory.
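To check where a given host stands against the mitigations described above, the following Python script (an added example, not code from the researchers or Nvidia) reads the IOMMU state and each GPU's ECC mode and maps them to the coverage reported in this article. It assumes a Linux host with `nvidia-smi` installed; the function names and the sample output are constructed for illustration.

```python
import csv, io, os, shutil, subprocess

# Mitigation coverage as reported in the article: IOMMU stops two attacks,
# ECC gives "some protection" against all three.
ATTACKS = ("GDDRHammer", "GeForge", "GPUBreach")
IOMMU_BLOCKS = {"GDDRHammer", "GeForge"}
QUERY = ["nvidia-smi", "--query-gpu=index,name,ecc.mode.current",
         "--format=csv,noheader"]
# Constructed sample of the query output (not captured from a real host).
SAMPLE = "0, NVIDIA GeForce RTX 3060, [N/A]\n1, NVIDIA RTX A6000, Enabled\n"

def parse_ecc(csv_text):
    """Parse the nvidia-smi CSV into one dict per GPU."""
    gpus = []
    for row in csv.reader(io.StringIO(csv_text), skipinitialspace=True):
        if len(row) == 3:
            idx, name, ecc = (f.strip() for f in row)
            # "[N/A]" means the card exposes no ECC setting; count it as off.
            gpus.append({"index": int(idx), "name": name,
                         "ecc": ecc == "Enabled"})
    return gpus

def iommu_active(path="/sys/kernel/iommu_groups"):
    """Linux: this directory is populated only when an IOMMU is in use.
    Groups also exist in passthrough mode, so treat this as a first check."""
    return os.path.isdir(path) and bool(os.listdir(path))

def assess(iommu_on, gpus):
    """Per GPU index, map each attack to 'iommu', 'ecc-partial' or 'exposed'."""
    report = {}
    for g in gpus:
        status = {}
        for attack in ATTACKS:
            if iommu_on and attack in IOMMU_BLOCKS:
                status[attack] = "iommu"
            elif g["ecc"]:
                status[attack] = "ecc-partial"
            else:
                status[attack] = "exposed"
        report[g["index"]] = status
    return report

if __name__ == "__main__":
    if shutil.which("nvidia-smi"):
        text = subprocess.run(QUERY, capture_output=True, text=True,
                              check=True).stdout
    else:
        print("nvidia-smi not found; showing constructed sample data")
        text = SAMPLE
    for idx, status in assess(iommu_active(), parse_ecc(text)).items():
        print(f"GPU {idx}: {status}")
```

A GPU that reports GPUBreach as `exposed` has neither mitigation covering that attack, because the IOMMU alone does not stop it.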
The researchers note that only cards from the 2020 Ampere generation were tested. Newer generations may therefore also be vulnerable, but academic research generally lags behind product deployment.
There are no known cases of Rowhammer attacks being used in the wild, limiting the immediate practical threat.
However, GPUBreach running with IOMMU enabled is particularly troubling for cloud storage providers that share expensive GPU resources across multiple customers.
Via Ars Technica




