An attacker exploiting GPUhammer will quickly flip bits to which they have access to in order to affect other memory bits to which they do not have access, Ullrich explained. Nvidia recommends enabling ECC error correction, which will detect and possibly prevent these unauthorized changes to memory content. ECC isn’t perfect, he said, but if enabled will likely make the exploit less practical.
The attack also requires the attacker to execute specific code, he pointed out. This is more of a threat to systems that are shared between users and allow different users to affect each other’s data than single user systems, he said.
The researchers’ paper states that some of the abstractions of graphics cards make it a bit more difficult to access memory to trigger the Rowhammer exploit, he added. Unlike DDR memory connected to normal CPU buses, GPUs have a more controlled access to memory. “But in the end,” he said, “all Rowhammer needs is to quickly flip specific bits on and off, which is still possible for GPUs. It just takes more work to figure out which bits to flip, which is the main contribution of the paper.”
