LeoNatan
☢ NFOHump Despot ☢
Posts: 74616
Location: Israel
Posted: Mon, 6th Apr 2026 04:47 Post subject: Rowhammer/GDDRHammer GDDR6 vulnerabilities
https://en.wikipedia.org/wiki/Row_hammer
nSlopia GDDR6 cards, such as 3060, seem vulnerable to a new rowhammer attack that can compromise the CPU and its memory space.
https://www.techpowerup.com/347981/new-rowhammer-attack-puts-gddr6-powered-nvidia-gpus-at-risk
https://blog.barrack.ai/gddrhammer-geforge-gpu-rowhammer-gddr6/
Quote:
How GDDRHammer works
GDDRHammer was developed by researchers at UNC Chapel Hill, Georgia Tech, and Mohamed bin Zayed University of Artificial Intelligence. The paper, code (github.com/heelsec/GDDRHammer), and supplementary materials are all available at gddr.fail.
The attack exploits a flaw in how NVIDIA's default memory allocator (cudaMalloc) places GPU page tables. Under normal operation, page table entries should be isolated from user-controlled data. They are not. The allocator co-locates page tables and user data in the same GDDR6 memory region. That means an attacker who can induce bit flips in adjacent rows can corrupt page table entries.
The team characterized Rowhammer behavior across 25 GDDR6 GPUs. They developed double-sided hammering patterns that exploit GPU parallelism, specifically the SIMT architecture and multi-warp execution model, to generate far more intense memory access patterns than a CPU can produce. The result was roughly 64x more bit flips than the original GPUHammer work.
The actual attack chain has four parts. The attacker uses a memory massaging technique to steer GPU page table entries toward DRAM rows with known-vulnerable bits. Then they hammer adjacent rows to flip bits in those page table entries. A single flip in the right position redirects a GPU virtual address mapping to point at CPU physical memory via the PCIe BAR1 aperture. From there, the GPU performs DMA reads and writes to arbitrary CPU memory. The attacker modifies kernel data structures and gets a root shell.
Just crazy. The researchers that find this stuff… 👨🍳😘
Quote:
Confirmed vulnerable with exploits demonstrated:
NVIDIA GeForce RTX 3060 (Ampere, GA106, 12 GB GDDR6). Showed 1,171 bit flips in GeForge testing.
NVIDIA RTX A6000 (Ampere, GA102, 48 GB GDDR6). Showed 202 bit flips in GeForge testing and averaged 129 bit flips per bank in GDDRHammer. The GDDRHammer paper states that nearly all tested RTX A6000 cards remained vulnerable under realistic settings.
Tested with no bit flips observed:
GeForce RTX 3080 (Ampere, GDDR6X). GDDR6X appears to have stronger in-DRAM mitigations.
GeForce RTX 4060 and RTX 4060 Ti (Ada Lovelace, GDDR6). Two samples of the Ti were tested. No bit flips on either. Ada-generation memory controllers or newer GDDR6 chip revisions may include improved defenses.
RTX 6000 Ada (Ada Lovelace, GDDR6, 48 GB). Tested by the GDDRHammer team. No bit flips induced. Some press outlets incorrectly reported this GPU as vulnerable, likely confusing it with the Ampere-generation RTX A6000. They are different products.
GeForce RTX 5050 (Blackwell, GDDR7). No bit flips. GDDR7 implements always-on, non-configurable on-die ECC.
Quote:
nSloppia's response:
"Would you like to see our AI slop rendering? It uses two 5090s, which have GDDR7 and that's not vulnerable durr"
LeoNatan
☢ NFOHump Despot ☢
Posts: 74616
Location: Israel
Posted: Mon, 6th Apr 2026 04:54
This is a technical overview of the above exploit:
https://gpubreach.ca
All times are GMT + 1 Hour