Nvidia has advised customers to ensure System-Level ECC is enabled on its GPUs to protect against Rowhammer attacks, which exploit memory corruption through repeated read or write operations. Researchers from the University of Toronto identified successful exploitation on an A6000 GPU lacking ECC. Additionally, a multi-exploit attack vector known as PerfektBlue has been discovered, affecting the entertainment systems of several car manufacturers. This attack utilizes four CVEs to potentially allow remote execution and control of vehicle systems, with widespread vulnerabilities remaining despite previous patches.
Nvidia advised customers to implement mitigations against Rowhammer attacks after researchers identified that the NVIDIA A6000 GPU is vulnerable when ECC is not enabled.
Rowhammer, a method of corrupting memory by repeatedly hammering memory cells, can create electrical interference that disrupts operations, allowing potential exploitation.
The PerfektBlue attack exploits vulnerabilities in Bluetooth systems, affecting vehicles from manufacturers such as Mercedes-Benz and Volkswagen, possibly allowing remote control of engines and features.
Patches were issued for the flaws exploited in PerfektBlue last year; however, millions of cars remain at risk due to these known vulnerabilities.
Collection
[
|
...
]