New Rowhammer technique bypasses existing DDR4 memory defenses

The_King

The_King

Level 12
Thread author
Verified
Top Poster
Well-known
Aug 2, 2020
542
Content source
https://www.bleepingcomputer.com/news/security/new-rowhammer-technique-bypasses-existing-ddr4-memory-defenses/
Researchers have developed a new fuzzing-based technique called 'Blacksmith' that revives Rowhammer vulnerability attacks against modern DRAM devices that bypasses existing mitigations.

The emergence of this new Blacksmith method demonstrates that today's DDR4 modules are vulnerable to exploitation, allowing a variety of attacks to be conducted.
Click to expand...

The Rowhammer effect​

Rowhammer is a security exploit that relies on the leaking of electrical charges between adjacent memory cells, enabling a threat actor to flip 1s and 0s and change the content in the memory.

This powerful attack can bypass all software-based security mechanisms, leading to privilege escalation, memory corruption, and more.

It was first discovered in 2014, and within a year, two working privilege escalation exploits based on the researcher were already available.

Gradually, this became a widespread problem, and even Android tools were developed, exploiting the Rowhammer vulnerability on smartphones to gain root access.

The mitigations applied to address this bit-flipping problem showed the first signs of their insufficiency in March 2020, when academic researchers proved that a bypass was possible.

Manufacturers had implemented a set of mitigations called "Target Row Refresh" (TRR), which were mainly effective in keeping the then-new DDR4 safe from attacks.

The attack used against it was called 'TRRespass,' and was another fuzzing-based technique that successfully found usable Rowhammering patterns.
Click to expand...

DDR5 may be safer​

Newer DDR5 DRAM modules are already available in the market, and adoption will pick up pace in the next couple of years.

In DDR5, Rowhammer may not be as much of a problem, as TRR is replaced by "refresh management," a system that keeps track of activations in a bank and issues selective refreshes once a threshold is reached.

This means that scalable fuzzing on a DDR5 DRAM device would be a lot harder and possibly a lot less effective, but that remains to be seen.
Click to expand...
 
  • Wow
  • Like
  • +Reputation
Reactions: Nevi, Gandalf_The_Grey, silversurfer and 2 others
You must log in or register to reply here.

Similar threads

MuzzMelbourne
    • Like
    • Wow
There’s a new way to flip bits in DRAM, and it works against the latest defenses
Replies
0
Views
852
News Archive
MuzzMelbourne
MuzzMelbourne
silversurfer
    • Wow
    • Like
    • +Reputation
New JavaScript Exploit Can Now Carry Out DDR4 Rowhammer Attacks
Replies
3
Views
1,732
News Archive
Freki123
F
silversurfer
    • +Reputation
    • Like
    • Wow
Researchers Uncover New GPU Side-Channel Vulnerability Leaking Sensitive Data
Replies
0
Views
1,386
News Archive
silversurfer
silversurfer

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top