If you think your system's security depends only on what happens inside the CPU, the latest research has some pretty bad news: **GPUs have now firmly entered the realm of serious vulnerabilities**. Researchers have unveiled two new attacks based on the **Rowhammer** technique that can, starting from GPU memory, achieve **complete control of the machine**, including unrestricted access to the main processor's RAM. The attacks are called **GDDRHammer** and **GeForge**, and they work against **Nvidia Ampere** cards such as the RTX 3060 and RTX 6000. --- ## So, What Exactly Is Rowhammer? The Rowhammer technique was first demonstrated in 2014: by repeatedly and rapidly accessing rows of DRAM memory, it is possible to create electrical interference that causes bits in neighboring rows to "flip" from 0 to 1 or vice versa. It sounds like science fiction, but it's pure physics: modern memory is so densely packed that circuits start to "bleed" into each other. Over the past decade, dozens of Rowhammer variants have been developed, eventually enabling attacks over local networks, rooting Android devices, and even stealing 2048-bit encryption keys. Until now, Rowhammer was mostly a CPU and DDR memory problem. That has officially changed. --- ## What's New With GDDRHammer and GeForge Researchers introduced two new exploits — GDDRHammer and GeForge — that work successfully against Ampere-architecture GPUs such as the RTX 3060 and the professional RTX 6000. Using memory massaging techniques, the attacks bypass protections in Nvidia's drivers, steering page tables toward unprotected memory regions. The numbers speak for themselves: - **GDDRHammer** generates an average of 129 bit flips per memory bank on the RTX 6000, a 64-fold increase compared to attacks documented the previous year. - **GeForge** proved even more destructive: it induced 1,171 bit flips on the RTX 3060 and 202 on the RTX 6000. But the raw number of bit flips isn't the scariest part. What comes next is. --- ## How They Achieve Full Control of the Machine The core breakthrough lies in the ability to tamper with the GPU's page table mappings. Researchers modify page table entries via bit flips to gain arbitrary read and write access to GPU video memory, then redirect pointers to CPU memory, ultimately achieving full control over the host's physical memory. In plain terms: a process running on the GPU can escalate its privileges until it effectively owns the entire machine. GeForge goes even further — it can enable unprivileged users to obtain a root shell, granting the highest level of administrative access to the system. --- ## Why This Is Especially Alarming in Cloud Environments The high cost of high-performance GPUs, typically $8,000 or more, means they are frequently shared among dozens of users in cloud environments. This means a malicious user in a multi-tenant setup could use these attacks to compromise not only their own data, but that of every other tenant on the same server. The researchers caution that cloud providers should reassess GPU memory protections as GPU-driven Rowhammer threats continue to evolve. --- ## What Nvidia Recommends Nvidia had already issued guidance following earlier discoveries, and for now **has not released a specific firmware or driver fix** for these new attacks. The recommendations remain: - **Enable ECC (Error-Correcting Code)** at the system level, which adds redundant bits to preserve data integrity - **Enable IOMMU** in the system BIOS, which prevents the GPU from accessing restricted host memory regions The catch? ECC can introduce up to a 10% slowdown for machine learning inference workloads and also reduces available memory capacity by 6.25%. Security comes at a performance cost. And some Rowhammer variants can still bypass ECC protections. --- ## The Takeaway Rowhammer attacks have long been seen as too sophisticated for real-world exploitation. GDDRHammer and GeForge show that's changing: the line between academic research and a usable exploit is getting thinner by the day. For anyone managing environments with shared GPUs, whether in the cloud or in an on-premise data center, the message is clear: **review your ECC and IOMMU settings now**, don't wait for an incident. The GPU is no longer just a processing unit. It is, now, an attack surface too. --- *Source: [Ars Technica, April 3, 2026](https://arstechnica.com/security/2026/04/new-rowhammer-attacks-give-complete-control-of-machines-running-nvidia-gpus/)* don't forget to [sign up](https://chat-to.dev/login) and join our community