Source: Ars Technica
Cloud GPU providers face an immediate security crisis. Researchers have weaponized Rowhammer bit-flip vulnerabilities to escape containerized environments and achieve root access on host machines. GPU scarcity forces providers like AWS and Lambda Labs to partition $8,000+ accelerators among dozens of untrusted users, making this attack vector especially dangerous. The breach undermines the isolation model that makes GPU-sharing economically viable, forcing providers to choose between expensive hardware mitigations, software patches that degrade performance, or architectural redesigns of their multi-tenant stacks. The pressure to offer cheaper GPU access—intensifying as AI workload demand drives competition—incentivizes tighter packing and weaker isolation boundaries, compounding the problem.