  • Google discloses new Rowhammer technique that alters memory contents of newer DRAM chips



     

    Rowhammer is a known vulnerability in DRAM in which repeated access requests to one memory address can modify the contents of other memory addresses. The flaw was first discussed in 2014 and affected DDR3, the mainstream chip at that time. Google also published a working exploit in 2015.

     

    Essentially, the vulnerability exists because of an electrical coupling phenomenon in silicon chips, which bypasses software- and hardware-based protection. To defend against this flaw, many DRAM manufacturers implemented logic in their chips that detected these illegal accesses and then retroactively blocked them. However, even with DDR4 and newer memory chips, Rowhammer can still be exploited through methods like TRRespass.

     

    Now, Google has disclosed a new Rowhammer technique dubbed "Half-Double", which is much more dangerous than the vanilla version. While the latter let you affect one adjacent row by repeatedly accessing one memory address, Google has demonstrated that the effect can reach one row further, although with reduced potency. That said, it has highlighted that it may be possible to reach rows that are even farther away.

     

    During its research, when the company accessed memory address "A" a large number of times, it was not only able to access address "B" dozens of times but also managed to attack address "C". This is demonstrated in the graphic below.

     

    [Image: 1622002612_imagelikeembed_story.jpg]
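The coverage gap described above, as an added example that is not part of the original article or of Google's research: a toy C model of a defense that refreshes the rows near a heavily accessed row. The bank size, the threshold and every name are assumptions made for illustration; only the A/B/C layout comes from the text.

```c
#include <stdio.h>
#include <string.h>

#define ROWS 8                 /* constructed toy bank, not a real DRAM geometry */
#define HOT_THRESHOLD 50000u   /* assumed activations per refresh window */

/* Mark every row within `radius` rows of a hot (heavily activated) row.
 * Returns how many rows were marked for an extra refresh. */
int rows_to_refresh(const unsigned act[ROWS], int radius, unsigned char mark[ROWS])
{
    int marked = 0;
    memset(mark, 0, ROWS);
    for (int r = 0; r < ROWS; r++) {
        if (act[r] < HOT_THRESHOLD)
            continue;                      /* not an aggressor candidate */
        for (int d = -radius; d <= radius; d++) {
            int v = r + d;
            if (d == 0 || v < 0 || v >= ROWS || mark[v])
                continue;                  /* skip self, bank edges, repeats */
            mark[v] = 1;
            marked++;
        }
    }
    return marked;
}

/* Constructed window matching the article: A accessed a large number of
 * times, B only dozens of times, C is the row that ends up attacked. */
enum { ROW_A = 3, ROW_B = 4, ROW_C = 5 };
static const unsigned sample_window[ROWS] = { 0, 0, 0, 200000u, 40u, 0, 0, 0 };

/* 1 if the policy with this radius would refresh `row` in the sample window. */
int covered(int row, int radius)
{
    unsigned char mark[ROWS];
    rows_to_refresh(sample_window, radius, mark);
    return mark[row];
}

int main(void)
{
    for (int radius = 1; radius <= 2; radius++)
        printf("radius %d: B %s, C %s\n", radius,
               covered(ROW_B, radius) ? "refreshed" : "missed",
               covered(ROW_C, radius) ? "refreshed" : "missed");
    return 0;
}
```

With a radius of 1 the model refreshes B but never C, because B's own count stays far below the threshold; only a radius of 2 reaches C.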

     

    Google went on to say that:

     

    Unlike TRRespass, which exploits the blind spots of manufacturer-dependent defenses, Half-Double is an intrinsic property of the underlying silicon substrate. This is likely an indication that the electrical coupling responsible for Rowhammer is a property of distance, effectively becoming stronger and longer-ranged as cell geometries shrink down. Distances greater than two are conceivable.

     

    Overall, the vulnerability is quite significant because, in the worst case, it enables a malicious piece of code to escape its sandbox environment and potentially take over the system. As such, Google is working with industry partners such as JEDEC, a semiconductor engineering trade organization, to figure out potential solutions. The firm has also published two documents describing some mitigation techniques, which you can view here and here.

     

    Google hopes that by disclosing its findings publicly, industry partners and researchers will work together towards a more permanent solution. This is a particularly dangerous exploit which allows software to bypass security policies due to the physics of the hardware, so it will require wider collaboration across various industries.

     

     

    Source: Google discloses new Rowhammer technique that alters memory contents of newer DRAM chips

