本文介绍了名为GPUHammer的Rowhammer漏洞，该漏洞专门针对使用GDDR6显存的GPU。多伦多大学的研究表明，GPUHammer能够翻转GDDR6内存中的位，可能导致数据泄露、影响GPU性能，甚至显著降低深度神经网络模型的准确性。虽然Nvidia已发布安全通告，并提供了通过启用系统级ECC来修复该漏洞的建议，但目前该漏洞主要影响数据中心和工作站GPU，普通消费者无需过度担忧。对于使用受影响GPU的企业，应尽快按照Nvidia的指南启用GPU ECC。

💻GPUHammer是一种针对GPU的Rowhammer漏洞，专门影响使用GDDR6显存的显卡。

💡研究表明，GPUHammer能够翻转GDDR6内存中的位，可能导致数据泄露和GPU性能下降，例如深度神经网络模型的准确性可能从80%降至0.1%。

🛡️Nvidia已发布安全通告，并建议通过启用系统级ECC来修复此漏洞，该方法在位翻转时提供冗余，以便系统自动纠正错误。

⚠️目前，GPUHammer主要影响数据中心和工作站GPU，普通消费者无需过度担忧。研究人员在Nvidia RTX 3080上尝试该漏洞，但未能成功。

✅对于使用受影响Nvidia GPU的企业，应参考Nvidia的指南，启用GPU ECC以保护系统安全。

Cybersecurity issues are a fact of life in our digital age. Some threats are more concerning, while others aren’t nearly as big of a deal as some make them out to be. On today's menu, we'll talk about Rowhammer, a known exploit that affects dynamic random-access memory (DRAM). Specifically, a variant called GPUHammer that alters graphics cards with GDDR6 memory. 

According to new research from the University of Toronto, GPUHammer is the first Rowhammer variant that affects GPUs (graphics processing units) specifically. The research shows that GPUHammer can flip bits on GDDR6 memory, which can cause all sorts of issues, including leaking personal data and affecting the GPU’s ability to perform some workflows. As an example, the researchers say that flipping even one bit can reduce the accuracy of deep neural network models from 80 percent to 0.1 percent, and that accuracy degrades further when more bits are flipped. Since Nvidia GPUs are so popular with data centers and workstation computers, that means this vulnerability could impact many businesses. 

Nvidia released a security notice about the exploit. Fortunately, the fix is pretty simple. All anyone needs to do is enable System-Level ECC, or error correcting code. This simple setting creates a redundancy in the bits so if one gets flipped, the system can automatically correct it before anything goes wrong. 

Should I be worried about GPUHammer?

In short, no. Nvidia and the researchers agree that this only seems to be affecting workstation and data center GPUs. The researchers even attempted this exploit on an Nvidia RTX 3080 and were unable to get it to work. So, for us plebeians, everything is okay. In addition, BleepingComputer notes that the exploit requires conditions generally not seen in consumer-level computers anyway, so even if consumer GPUs could be exploited, there's very low risk of that actually happening. 

If you own a business that uses Nvidia workstation or data center GPUs, then you’ll want to check out the list of affected GPUs. If yours is on it, follow Nvidia's guide for enabling GPU ECC. Once it's enabled, everything should be back to normal.