Cybersecurity researchers have demonstrated yet another variation of the Rowhammer attack affecting all DRAM (dynamic random-access memory) chips that bypasses currently deployed mitigations, thereby effectively compromising the security of the devices.
The new technique — dubbed “Blacksmith” (CVE-2021-42114, CVSS score: 9.0) — is designed to trigger bit flips on target refresh rate-enabled DRAM chips with the help of novel “non-uniform and frequency-based” memory access patterns, according to a study jointly published by academics from ETH Zurich, Vrije Universiteit Amsterdam, and Qualcomm Technologies.
Originally disclosed in 2014, Rowhammer refers to a fundamental hardware vulnerability that could be abused to alter or corrupt memory contents by taking advantage of DRAM’s tightly-packed, matrix-like memory cell architecture to repeatedly access certain rows (aka “aggressors”) that induces an electrical disturbance large enough to cause the capacitors in neighbouring rows to leak charge faster and flip bits stored in the “victim” rows adjacent to them.
A double-sided Rowhammer access pattern sandwiches a victim row in between two aggressor rows, maximizing the bit flips in the victim row. Another method called Half-Double, as established by Google researchers earlier this May, leverages the weak coupling between two memory rows that are not immediately adjacent to each other but one row removed to tamper with data stored in memory and, in principle, even gain unfettered access to the system.
To thwart attacks of this kind, modern memory modules come equipped with a dedicated in-memory defense mechanism called Target Row Refresh (TRR), which aims to detect the aggressor rows that are frequently accessed and refresh their neighbors before their charge leak results in data corruption, thus forestalling any possible bit flips.
However, recent research such as TRRespass, SMASH, and Half-Double have determined that TRR-based mitigations alone are insufficient to fully protect devices against Rowhammer attacks. Blacksmith is the latest work to join the list of methods that can completely circumvent TRR protections to activate bit errors on TRR-enabled DDR4 devices.
The approach involves conducting a series of experiments to identify complex “non-uniform” patterns in which different numbers of aggressor rows are hammered with different frequencies, phases and amplitudes that can still bypass TRR, with the study finding at least one pattern that triggered Rowhammer bit errors across 40 DDR4 devices from Samsung, Micron, SK Hynix, and an unnamed manufacturer.
That said, there might be a light at the end of the tunnel, what with TRR being replaced by a new line of defense called “refresh management” in DDR5 DRAM modules, a mechanism that “keeps track of activations in a bank and issues selective refreshes to highly activated rows once a threshold has been reached.”
“The tendency in DRAM manufacturing is to make the chips denser to pack more memory in the same size which inevitably results in increased interdependency between memory cells, making Rowhammer an ongoing problem,” Google’s open-source team said last week, alongside announcing what’s called the Rowhammer Tester platform for “experimenting with new types of attacks and finding better Rowhammer mitigation techniques.”