NVIDIA GPUs are good for gaming, but new Rowhammer attacks can give hackers full system access

New research highlights a decade-old flaw that now affects GPU dedicated to jeux : Rowhammer. On NVIDIA products, the attack targets GDDR memory and can, in certain scenarios, lead to a system compromise without elevated privileges. For the general public, the risk appears limited, but it becomes more worrying in shared environments and the cloud.

NVIDIA Gaming GPUs Exposed at Rowhammer on GDDR Memory

NVIDIA’s gaming GPUs are affected by the “Rowhammer” vulnerability, a flaw known for over a decade that can pose a problem for the average user.

New research indicates that Rowhammer may now target GDDR memory, found in all gaming GPUs

Breaches affecting hardware components are not uncommon, and intrusions via CPUs remain common. On the GPU side, they are less frequent, but a report from Ars Technica points to a breach directly targeting GDDR memory. The attacks, known as “Rowhammer”, would have been extended to NVIDIA’s Ampere GPUs, including the RTX 3060 and the RTX A6000. Attackers could gain access to the system through a backdoor route, detailed below.

Historically confined to system memory (DDR), Rowhammer would now be included in video memory, which broadens the potential impact on the gaming segment. The attack exploits electrical interference to disrupt memory cells within the GPU, until bits are corrupted. The memory can then “believe” that sensitive data remains in a safe zone, even though it has already leaked.

By corrupting the GPU’s page tables, an unprivileged CUDA kernel can gain arbitrary read/write access to video memory, then chain to CPU-side privilege escalation by exploiting new security bugs memory in the NVIDIA driver.

The key is a complete compromise of the system down to a root shell, without disabling the IOMMUunlike other recent work, which makes GPUBreach more dangerous.

– via Ars Technica

The first works mention, on the general public side, the vulnerability of the RTX 3060, and on the workstation side, of the RTX A6000. Note that no known exploitation has, for the moment, taken advantage of Rowhammer on GPUs to extract system information, given the complexity of the attack. For individuals, the risk appears limited. In enterprises, especially where GPU resources are shared in the cloud for AI workloads, a successful attack could target multiple users simultaneously.

If the hypothesis of targeting GDDR is confirmed, a large proportion of gaming GPUs would be exposed to this type of flaw. In the absence of documented incidents in recent generations, it remains difficult to measure the real extent for players.