Published in PC Hardware

Rowhammer attacks level up

by on28 May 2021


Attacks broaden as RAM gets smaller

A team of Google security researchers said they discovered a new way to perform Rowhammer attacks against computer memory (RAM) cards that broaden the attack's initial impact.

For those not in the know, Rowhammer was a ground-breaking attack that exploited the design of modern RAM cards, where memory cells are stored in grid-like arrangements.  

The basic principle behind Rowhammer was that a malicious app could perform rapid read/write operations on a row of memory cells. As the cells would shift their values from 0 to 1 and vice versa in a very small time window, this would generate small electromagnetic fields inside the row of "hammered" memory cells.

The result of these fields were errors in nearby memory rows that sometimes flipped bits and altered adjacent data.

In a research paper published this week, a team of five Google security researchers took Rowhammer attacks to a new level. In a new attack variation named Half-Double, researchers said they managed to carry out a Rowhammer attack that caused bit flips at a distance of two rows from the hammered row instead of just one.

The Google team is saying that while RAM cards become smaller in recent years, the distance between memory rows was also decreased, allowing the electromagnetic field caused by Rowhammer to reach more memory cells than in the original 2014 attack.

The main threat from Half-Double attacks primarily comes from the fact that TRR protections were designed to protect nearby memory cells and not cells at a two-row distance—meaning that Half-Double now joins TRRespass as the second Rowhammer variation that can bypass TRR.

But while there are no known cases where Rowhammer attacks have been used in the real world, Google’s discovery is monumental, at least from an academic standpoint.

It confirms once again that TRR is not enough to protect from Rowhammer exploits.

In a blog post today, Google said that it is currently working with several semiconductor industry players to search “possible solutions for the Rowhammer phenomenon” and encouraged fellow experts to join their efforts, as “the challenge is substantial and the ramifications are industry-wide”.

Last modified on 28 May 2021
Rate this item
(0 votes)

Read more about: