Schneier on Security

Rowhammer Attack Against NVIDIA Chips

Bruce Schneier · 12 hours ago · Read original ↗

ATT&CK techniques detected

1 predictions

T1068Exploitation for Privilege Escalation

47%

“##ge proof - of - concept exploit against the rtx 3060 concludes by opening a root shell window that allows the attacker to issue commands that run unfettered privileges on the host machine. the researchers said that both gddrhammer and geforge could do the same thing against the…”

Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.

No matches for .

Loading techniques…

Summary

A new rowhammer attack gives complete control of NVIDIA CPUs.

On Thursday, two research teams, working independently of each other, demonstrated attacks against two cards from Nvidia’s Ampere generation that take GPU rowhammering into new—and potentially much more consequential—territory: GDDR bitflips that give adversaries full control of CPU memory, resulting in full system compromise of the host machine. For the attack to work, IOMMU memory management must be disabled, as is the default in BIOS settings.

“Our work shows that Rowhammer, which is well-studied on CPUs, is a serious threat on GPUs as well,” said Andrew Kwong, co-author of one of the papers. “...