Researchers have successfully demonstrated a Rowhammer attack against the GDDR6 memory of an NVIDIA A6000 GPU, revealing that a single bit flip could drastically reduce the accuracy of deep neural network models from 80% to 0.1%. Nvidia has acknowledged the findings and suggested enabling error-correcting code (ECC) as a mitigation strategy, although it may impact performance and memory capacity. The researchers have also created a dedicated website for their proof-of-concept code and shared their detailed findings in a published paper.

Nvidia has recommended a performance-degrading mitigation for its RTX A6000 GPUs following the discovery of a Rowhammer vulnerability that allows hackers to exploit memory weaknesses. This attack, termed GPUhammer, can corrupt data in deep neural network models, severely impacting their accuracy. Researchers demonstrated that the exploit could tamper with critical AI applications across various industries.