An attacker exploiting GPUhammer will rapidly flip bits to which they’ve entry to to be able to have an effect on different reminiscence bits to which they don’t have entry, Ullrich defined. Nvidia recommends enabling ECC error correction, which can detect and presumably stop these unauthorized modifications to reminiscence content material. ECC isn’t good, he stated, but when enabled will possible make the exploit much less sensible.
The assault additionally requires the attacker to execute particular code, he identified. That is extra of a risk to techniques which are shared between customers and permit totally different customers to have an effect on one another’s information than single consumer techniques, he stated.
The researchers’ paper states that a few of the abstractions of graphics playing cards make it a bit tougher to entry reminiscence to set off the Rowhammer exploit, he added. In contrast to DDR reminiscence linked to regular CPU buses, GPUs have a extra managed entry to reminiscence. “However ultimately,” he stated, “all Rowhammer wants is to rapidly flip particular bits on and off, which continues to be potential for GPUs. It simply takes extra work to determine which bits to flip, which is the primary contribution of the paper.”
