Rendered at 09:26:38 GMT+0000 (Coordinated Universal Time) with Cloudflare Workers.
stratos123 5 days ago [-]
Notable parts:
- "GPU users should understand that the only cards known to be vulnerable to Rowhammer are the RTX 3060 and RTX 6000 from the Ampere generation"
- mitigations are enabling ECC on the GPU or enabling IOMMU in BIOS
So doesn't sound like a big deal for users, this is more of a datacenter sort of vulnerability. The fact that this attack is possible at all (you can turn small GPU memory writes into access to CPU memory) is pretty shocking to me, though.
adrian_b 5 days ago [-]
Those are the cards that have been tested.
It is very likely that the attacks work on most or all consumer Ampere cards, depending on what kinds of GDDR memories they are using. They might also work on more recent GPUs.
However, it is true that such attacks are normally useful only on multi-user machines.
The most important thing is that the attacks are prevented by enabling the IOMMU in the BIOS. This is a setting that should always be enabled, because it prevents not only malicious attacks, but also memory corruption due to bugs.
Unfortunately, many BIOSes have the IOMMU disabled by default, for fear of creating problems for some legacy operating systems or applications.
v3ss0n 5 days ago [-]
most are GDDR5 and 6
okspAQ 5 days ago [-]
[dead]
pclmulqdq 5 days ago [-]
Datacenters tend to have IOMMU turned on. Consumer devices are the ones that don't turn this on by default.
towardsproject 5 days ago [-]
I think a new attack, GPUBreach, was also disclosed today that works even with IOMMU turned on. So thats not sufficient to defeat these attacks. Check out the updates to the article.
okspAQ 5 days ago [-]
[dead]
SkiFire13 5 days ago [-]
> So doesn't sound like a big deal for users, this is more of a datacenter sort of vulnerability.
If I understand it correctly though this can be used for priviledge escalation though, since it allows access to arbitrary memory.
integralid 5 days ago [-]
I believe RTX 3060 is the most common card for people who want to have local LLM in their homelab.
iugtmkbdfil834 5 days ago [-]
Wait.. so just about every passed through GPU ( from that short lsit ) is fine?
halJordan 5 days ago [-]
Ah so ars is still a pile of conde naste shit gotcha
aidenn0 5 days ago [-]
Given that attacks tend to improve, how likely is it we can see this used to e.g. make a webgl attack that can compromise a machine?
- "GPU users should understand that the only cards known to be vulnerable to Rowhammer are the RTX 3060 and RTX 6000 from the Ampere generation"
- mitigations are enabling ECC on the GPU or enabling IOMMU in BIOS
So doesn't sound like a big deal for users, this is more of a datacenter sort of vulnerability. The fact that this attack is possible at all (you can turn small GPU memory writes into access to CPU memory) is pretty shocking to me, though.
It is very likely that the attacks work on most or all consumer Ampere cards, depending on what kinds of GDDR memories they are using. They might also work on more recent GPUs.
However, it is true that such attacks are normally useful only on multi-user machines.
The most important thing is that the attacks are prevented by enabling the IOMMU in the BIOS. This is a setting that should always be enabled, because it prevents not only malicious attacks, but also memory corruption due to bugs.
Unfortunately, many BIOSes have the IOMMU disabled by default, for fear of creating problems for some legacy operating systems or applications.
If I understand it correctly though this can be used for priviledge escalation though, since it allows access to arbitrary memory.