Nvidia GDDR6 Hit by New Rowhammer Attack

🔑 Enhanced Key Takeaways

• •The attack, dubbed 'GPU-Hammer,' exploits the high-density nature of GDDR6 memory, which lacks the same level of Rowhammer-mitigation features (like Target Row Refresh) commonly found in modern server-grade DDR4/DDR5 modules.
• •Researchers demonstrated that the attack vector relies on the GPU's memory controller to bypass standard OS-level memory protections, effectively turning the GPU into a malicious agent that can read/write to host system memory via DMA (Direct Memory Access).
• •The vulnerability is exacerbated by the increasing use of unified memory architectures in AI-focused computing environments, which blurs the boundary between GPU VRAM and system RAM, making cross-domain memory corruption more feasible.

🛠️ Technical Deep Dive

• •Exploits the physical proximity of memory cells in GDDR6 chips, where rapid, repeated access to a 'aggressor' row causes electromagnetic interference that flips bits in adjacent 'victim' rows.
• •Utilizes custom CUDA kernels to maximize memory access frequency, bypassing the GPU's internal scheduling throttles to maintain the high-intensity access patterns required for bit flipping.
• •Leverages the PCIe bus to facilitate cross-device memory access, allowing the GPU to manipulate memory regions allocated to the host CPU's kernel space.
• •The attack is effective even when ECC (Error Correction Code) memory is present, as the high-frequency access can overwhelm the correction capabilities of standard GDDR6 ECC implementations.

🔮 Future ImplicationsAI analysis grounded in cited sources

⏳ Timeline