Latest security research reveals that Rowhammer memory hardware attacks have expanded from traditional CPUs and DDR memory (such as DDR4) to NVIDIA GPUs utilizing GDDR6 video memory, further threatening the security of host CPU systems. This attack involves high-frequency targeted access to DRAM, triggering specific bit flips, bypassing memory isolation mechanisms, and ultimately granting attackers control over the device. The technical principle is based on the physical characteristics of DRAM: when a specific memory row is repeatedly accessed at high speed, electromagnetic interference causes charge leakage in adjacent rows, leading to bit flips (changing 0 to 1 or vice versa). Early research showed that DDR3 memory required approximately 139,000 row activations per second to potentially trigger flips, but with modern GHz-level CPU frequencies, attacks can be achieved in a very short time through optimized code. In 2025, researchers from the University of Toronto first demonstrated a Rowhammer attack variant, GPUHammer, targeting the NVIDIA A6000 GPU (equipped with GDDR6 memory). By tampering with deep neural network model weights, they reduced AI model accuracy from 80% to 0.1%. The latest research in 2026 further uncovered two new attack methods—GDDRHammer and GeForge: the former induced an average of 129 bit flips per memory bank on RTX 6000 graphics cards (a 64-fold increase over previous generations), while the latter triggered 1,171 flips on RTX 3060. Both methods bypassed NVIDIA driver protections using 'memory massaging' techniques, tampered with GPU page table mappings to gain full read-write access to CPU memory, and ultimately achieved complete control over the host's physical memory.