New Rowhammer attacks give complete control of machines running Nvidia GPUs

Researchers have discovered a new type of Rowhammer attack that can give hackers complete control of machines running Nvidia GPUs, with 95 percent of tested systems vulnerable to the exploit. This news has sent shockwaves through the tech community, as Rowhammer attacks were previously thought to be limited to DRAM. The new attacks, dubbed GDDRHammer, GeForge, and GPUBreach, hammer GPU memory in ways that hijack the CPU, allowing attackers to gain full control of the system. Why it matters to readers The impact of this discovery cannot be overstated, as Nvidia GPUs are used in a wide range of devices, from gaming laptops to datacenter servers. For example, a study by Jon Peddie Research found that Nvidia held a 82 percent market share of the discrete GPU market in 2022. This means that millions of devices are potentially vulnerable to these new Rowhammer attacks. Background context Rowhammer attacks have been a known vulnerability since 2014, but they were initially thought to be limited to DRAM. However, as researchers have continued to study and exploit this vulnerability, they have found new ways to use it to attack different types of memory. For instance, a 2020 study by Google researchers found that Rowhammer attacks could be used to exploit vulnerabilities in DRAM, and now researchers have found that they can also be used to exploit vulnerabilities in GPU memory. What to expect next As news of these new Rowhammer attacks spreads, we can expect to see a flurry of activity from Nvidia and other companies affected by the vulnerability. For example, Nvidia may release a patch to fix the vulnerability, and other companies may issue warnings to their customers about the potential risks. In fact, a similar vulnerability was patched by Nvidia in 2020, and it is likely that the company will take similar steps to address this new vulnerability. The discovery of these new Rowhammer attacks is a stark reminder of the importance of cybersecurity, and the need for companies to continually test and update their systems to protect against new vulnerabilities. With the potential for these attacks to affect millions of devices, it is crucial that Nvidia and other companies take immediate action to address this vulnerability, and that users take steps to protect themselves, such as keeping their systems up to date and using strong security software. New Rowhammer attacks have the potential to cause widespread disruption, and it is essential that the tech community takes this vulnerability seriously. For instance, the 2014 discovery of the original Rowhammer attack led to a major overhaul of the way that DRAM was designed and tested, and it is likely that these new attacks will lead to similar changes in the way that GPU memory is designed and tested. The fact that these new Rowhammer attacks can give hackers complete control of machines running Nvidia GPUs is a sobering reminder of the potential risks of these vulnerabilities. In fact, a study by the Ponemon Institute found that the average cost of a data breach is around 4 million dollars, and it is likely that the cost of a breach caused by one of these new Rowhammer attacks could be much higher. The discovery of these new Rowhammer attacks is a major concern for the tech community, and it is essential that companies and users take immediate action to protect themselves. For example, users can take steps to protect themselves by using strong security software and keeping their systems up to date, and companies can take steps to protect themselves by testing and updating their systems to protect against new vulnerabilities. One clear takeaway from the discovery of these new Rowhammer attacks is that cybersecurity is an ongoing process, and that companies and users must continually test and update their systems to protect against new vulnerabilities.