NVIDIA has warned about the potential vulnerability of its high-performance graphics processors to Rowhammer attacks, which can occur when the error correction mechanism (ECC) is disabled. This was reported by the portal NERDS.xyz.
Rowhammer is a hardware vulnerability in DRAM that allows data to be modified in adjacent cells without direct access to them. An attacker could use this to perform unauthorized data modification, privilege escalation, or system integrity violations without physical access. Researchers at the University of Toronto have shown that such attacks can affect not only regular RAM, but also GDDR6, which is used in powerful professional GPUs such as the RTX A6000.
In our experiment, the attack only worked with ECC disabled, confirming the effectiveness of this technology. NVIDIA recommends that users enable ECC in the graphics adapter settings if it supports it. This applies to cards with Blackwell, Hopper, Ada, Ampere architectures, as well as DGX, HGX, and Jetson systems.
It is noted that the latest types of memory — GDDR7 and HBM3 — have integrated On-Die ECC, which works all the time and does not turn off. However, some users bypass ECC due to fears of performance degradation or lack of awareness of its activity status.
To control ECC configuration, NVIDIA recommends using the nvidia-smi utility, and in a corporate environment, using BMC or Redfish API tools. The company emphasizes that protection is already available, the main thing is to use it correctly.