Two newly disclosed Rowhammer-style attacks, GDDRHammer and GeForge, allow attackers to gain full control of systems using select Nvidia GPUs. These exploits target GDDR memory in Ampere-generation cards like the RTX 6000 and RTX 3060.
Unlike earlier CPU-focused Rowhammer attacks, these GPU-based methods manipulate memory to bypass traditional protections. By flipping bits in GPU memory, attackers can alter page tables and access host CPU memory, leading to root-level system compromise.
The attacks require Input-Output Memory Management Unit (IOMMU) to be disabled-a common default setting. Enabling IOMMU or Error Correcting Code (ECC) can mitigate risks but may reduce performance.
Researchers warn that current defenses are inadequate against cross-component threats. While no real-world exploitation has been reported, cloud environments sharing high-end GPUs face heightened risk.