Researchers have revealed a new type of Rowhammer attack on DRAM devices that can reliably bypass mitigations implemented by vendors after the first such attacks emerged in 2014.
Data in Dynamic Random Access Memory (DRAM) is stored in grids of memory cells. Rowhammer attacks work by rapidly and repeatedly reading data in one memory row so that the resulting electrical interference disturbs the charge in adjacent rows, flipping bits and thereby modifying or corrupting data.
The latest Rowhammer attack seeks to bypass Target Row Refresh (TRR) mitigations that the DRAM industry added to modern RAM cards in response to the first Rowhammer attack in 2014.
The researchers from ETH Zurich, Vrije Universiteit Amsterdam, and Qualcomm ran their attack – via a fuzzer called Blacksmith, available on GitHub – against various proprietary TRR implementations in 40 DRAM devices. The technique allowed them to quickly discover ways to cause bit flips in all of them.
“This result has a significant impact on the system’s security as DRAM devices in the wild cannot easily be fixed, and previous work showed real-world Rowhammer attacks are practical, for example, in the browser using JavaScript, on smartphones, across VMs in the cloud, and even over the network,” the group said.
“All currently deployed mitigations are insufficient to fully protect against Rowhammer. Our novel patterns show that attackers can more easily exploit systems than previously assumed,” they warned.
The 40 devices were from memory vendors Samsung, Micron, SK Hynix, as well as two more vendors that didn’t agree to have their names published in the research.
“TRR aims to detect rows that are frequently accessed (i.e., hammered) and refresh their neighbors before their charge leak results in data corruptions,” the researchers explain in a new paper.
While TRR for the most part works, even at detecting multiple aggressor rows being hammered frequently, the researchers note that past Rowhammer attacks “always access aggressors uniformly”.
TRR therefore does raise the cost for attackers, because the space of non-uniform access patterns that might bypass the mitigation is “huge”, the researchers explain. Their answer was to run the Blacksmith fuzzer for 12 hours on sampled DDR4 DRAM devices in order to discover and build non-uniform patterns that expose weaknesses in TRR implementations designed to look for various uniform patterns.
“Thereafter, we swept the best pattern (based on the number of total bit flips triggered) over a contiguous memory area of 256 MB and report the number of bit flips,” they explain in a blogpost.
The technique enabled them to use these non-uniform patterns to trigger bit flips in all 40 DRAM devices. In some cases, the technique uncovered several thousand bit flips within seconds.
This type of Rowhammer attack targeting TRR is likely to get more powerful in the future. The group says it is working with Google to fully integrate the Blacksmith fuzzer into an open-source FPGA Rowhammer-testing platform.
The researchers’ findings are being tracked as CVE-2021-42114. The researchers have discussed their findings with Intel and Google, which separately this week launched a new open-source Rowhammer Tester platform.