2026-05-08 04:17:05

New Rowhammer Exploits Threaten NVIDIA GPUs and Host Systems

Researchers demonstrate GPU-based Rowhammer attacks on NVIDIA Ampere cards, achieving full host system compromise via GDDR memory bitflips, with a third attack bypassing IOMMU protection.

Introduction

The Rowhammer vulnerability, long known to affect CPU memory, has now been demonstrated to pose a serious threat on modern GPUs. Researchers have shown that by exploiting the physical phenomenon of rowhammering in GDDR memory of NVIDIA's Ampere generation cards, an attacker can gain complete control over the host system's CPU memory. This breakthrough opens new avenues for GPU-based exploits that could lead to full system compromise.

Source: www.schneier.com

Two Independent Attacks on Ampere GPUs

On Thursday, two research teams independently presented attacks against two cards from NVIDIA's Ampere lineup: the RTX 3060 and the RTX A6000. These attacks expand the scope of Rowhammer from CPU memory to GDDR memory, and demonstrate more severe consequences than previously anticipated.

GDDRHammer: Targeting GPU Memory for Full System Control

The first paper, titled “GDDRHammer: Greatly Disturbing DRAM Rows—Cross-Component Rowhammer Attacks from Modern GPUs,” was co-authored by Andrew Kwong and colleagues. Their proof-of-concept induces bitflips in GDDR memory to gain arbitrary read/write access to the host CPU's memory. The attacker manipulates the GPU's last-level page table to escalate privileges and achieve a complete machine compromise.

GeForge: Forging GPU Page Tables

The second paper, “GeForge: Hammering GDDR Memory to Forge GPU Page Tables for Fun and Profit,” takes a similar approach but targets a different structure. Instead of the last-level page table, GeForge manipulates the last-level page directory. The researchers were able to induce 1,171 bitflips on the RTX 3060 and 202 bitflips on the RTX A6000. By corrupting GPU page table mappings in GDDR6 memory, they gain read and write access to the GPU memory space and then escalate to full control over the host CPU memory. Their exploit culminates in opening a root shell on the host machine, allowing unfettered command execution.

How the Attacks Work

Both attacks rely on the Rowhammer effect, where repeatedly accessing (hammering) specific rows of memory cells causes electrical interference that flips bits in adjacent rows. In CPUs, this has been used to break memory isolation and escalate privileges. On GPUs, the GDDR memory is similarly susceptible. The researchers developed novel hammering patterns and memory massaging techniques tailored to GDDR6 to induce the necessary bitflips.

A key limitation in the initial attacks is that they require the IOMMU (Input-Output Memory Management Unit) to be disabled. The IOMMU is a hardware feature that can isolate GPU memory from the rest of the system. By default, many BIOS configurations have it disabled, making a large number of systems vulnerable. With IOMMU off, the GPU can directly access CPU memory, enabling the cross-component attack.

The Third Attack: Bypassing IOMMU Protection

On Friday, a third research team unveiled a new Rowhammer attack that works even when IOMMU is enabled. This attack targets the RTX A6000 and achieves privilege escalation to a root shell. The researchers did not disclose full details, but the attack demonstrates that IOMMU alone is insufficient protection. This further raises the stakes, as many systems that rely on IOMMU for security may still be vulnerable.

Implications and Mitigations

These findings highlight that Rowhammer is not just a CPU problem; it is a serious GPU security threat. With GPUs now handling sensitive workloads in cloud computing, AI, and even cryptocurrency mining, the ability to compromise a host system from a GPU could have far-reaching consequences. Possible mitigations include enabling IOMMU (though not a complete fix), using error-correcting code (ECC) memory, and updating firmware to detect and prevent Rowhammer patterns. Users should check for BIOS updates from motherboard manufacturers and apply NVIDIA's security patches when available.
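A quick host audit for the two settings named above, as an added example that is not from the article or the research papers. It assumes a Linux host, where an active IOMMU shows up as entries under `/sys/kernel/iommu_groups`, and ECC state taken from `nvidia-smi --query-gpu=name,ecc.mode.current --format=csv,noheader`; the function names and the sample CSV are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the two host-side settings the article lists as mitigations.

# iommu_state [DIR]: print "enabled" if the kernel has created at least one
# IOMMU group under DIR (default /sys/kernel/iommu_groups), else "disabled".
iommu_state() {
    dir=${1:-/sys/kernel/iommu_groups}
    if [ -d "$dir" ] && [ -n "$(ls -A "$dir" 2>/dev/null)" ]; then
        echo enabled
    else
        echo disabled
    fi
}

# ecc_findings: read "name, ecc_mode" CSV lines on stdin, as produced by
#   nvidia-smi --query-gpu=name,ecc.mode.current --format=csv,noheader
# and print one finding per GPU whose ECC is not active.
ecc_findings() {
    while IFS=, read -r name mode; do
        if [ -z "$name" ]; then continue; fi
        case "$(printf '%s' "$mode" | tr -d ' ')" in
            Enabled)  ;;                                # ECC active
            Disabled) echo "ECC-OFF: $name" ;;          # supported, switched off
            *)        echo "ECC-UNAVAILABLE: $name" ;;  # e.g. "[N/A]"
        esac
    done
    return 0
}

# Constructed sample input (not captured from a real machine).
SAMPLE_CSV='NVIDIA RTX A6000, Disabled
NVIDIA GeForce RTX 3060, [N/A]
NVIDIA RTX A6000, Enabled'

# host_report IOMMU_DIR: combine both checks; the ECC CSV is read from stdin.
host_report() {
    echo "IOMMU: $(iommu_state "$1")"
    ecc_findings
}

# Demo on the constructed sample; on a real host, pipe the nvidia-smi query in.
printf '%s\n' "$SAMPLE_CSV" | host_report /sys/kernel/iommu_groups
```

An "IOMMU: enabled" result only rules out the precondition of the first two attacks; the third attack described above works with the IOMMU on.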

As the researchers note, these attacks represent the first cross-component Rowhammer exploits from GPUs. The security community will need to develop new defenses to protect against this evolving threat.