New Rowhammer-style attacks on Nvidia graphics cards now turn GPU memory into a launchpad for full system compromise. Labeled GDDRHammer and GeForge, the techniques flip individual bits in GDDR memory cells and turn silent hardware faults into code execution on the host CPU.

Rowhammer exploits repeated DRAM access patterns to induce bit flips through electrical charge leakage, a textbook example of disturbance errors and fault injection. By adapting this to high-bandwidth GDDR on consumer and data center GPUs, the new attacks bypass traditional memory isolation between device and host, corrupting page tables and control structures shared with the CPU.

The work shows that error correcting code and memory refresh strategies tuned for performance workloads do not reliably contain these flips once an attacker can craft precise access patterns. Direct memory access channels and unified virtual memory, both designed for efficiency, become the conduit that turns localized GPU faults into a complete system takeover.

As accelerators become central to general computing rather than isolated graphics hardware, this class of attack shifts Rowhammer from a niche DRAM problem into a broader question about how much trust any shared memory hierarchy can safely bear.