A research team has developed a new variant of the Rowhammer attack, which has been known in principle for years, that works on most current DDR4 memory modules. The problem is worse than previously thought, which is why the attack called “Blacksmith”, tracked as CVE-2021-42114, receives a “critical” rating in the Common Vulnerability Scoring System (CVSS): 9 out of 10 possible points.
The research team from ETH Zurich, Vrije Universiteit Amsterdam and Qualcomm particularly criticizes the inertia of the hardware industry: the Rowhammer principle has been known since 2012, and in 2015 Google’s research team developed practical attacks. Six years later there is still no reliable protection.
For Blacksmith, the team around Kaveh Razavi designed an automated procedure that finds vulnerable memory cells and causes so-called bit flips without existing defence mechanisms such as Target Row Refresh (TRR) in the DRAM chips recognizing the access pattern.
Changing charge states
The attack dubbed Blacksmith does not change the basic principle of Rowhammer: Rowhammer exploits the structure of SDRAM components, which consist of billions of tiny memory cells, each a capacitor-transistor pair. Information is stored as the charge state of the capacitor, but the sense amplifiers and column decoders always access entire rows, which are electrically coupled to one another and thus influence one another.
If memory cells are “hammered” with a huge number of read commands, the charge state of neighbouring cells can shift so far that a charge threshold is crossed and the information is read back incorrectly. The stored bit “flips” from 0 to 1 or from 1 to 0. As a result, memory boundaries that are supposedly securely isolated from one another can be crossed; the separation between user and kernel space, for example, is lost.
The research team tested 40 different modules with SDRAM components from the three largest manufacturers, Samsung, SK Hynix and Micron. Blacksmith was able to trigger bit flips in all of them, sometimes within seconds, sometimes only after minutes, and rarely only after hours. Since Rowhammer-based attacks must flip numerous bits, in combination with other techniques, to cause a data leak, the fast bit flips are particularly relevant.
Inadequate security mechanisms
The RAMBleed vulnerability already bypassed existing countermeasures in 2019, but Blacksmith now does so automatically and comparatively quickly. It amounts to a race against Target Row Refresh (TRR), which is supposed to recognize Rowhammer access patterns and refresh the affected memory rows before a bit flips. In its summary, ETH Zurich writes that TRR in its current form is far too slow. Blacksmith evades TRR through alternating access patterns and reveals which address ranges are vulnerable.
SDRAM with error-correcting code (ECC) slows Blacksmith down but does not provide a reliable remedy. The paper (PDF) gives no information on encrypted RAM, where applicable with different cryptographic keys per virtual machine.
Blacksmith is not a serious threat to desktops and notebooks, because there are much simpler attacks against them. Rather, Rowhammer and Blacksmith target (cloud) servers that are exposed through poor maintenance and insufficient monitoring. So far the attack has to be carried out locally, but the research team expects Blacksmith to work remotely via JavaScript as well.
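Why ECC only slows Blacksmith down rather than stopping it is easy to see with a small SEC-DED (single-error-correct, double-error-detect) simulation. This is an added example, not code from the paper or the Blacksmith project; it uses a constructed (13,8) extended Hamming code over one byte with hand-picked flip positions, standing in for the (72,64) code on real ECC DIMMs:

```python
# Toy SEC-DED simulation (constructed example): one data byte in a (13,8)
# extended Hamming code, parity at positions 1, 2, 4, 8, overall parity at
# position 0. Real ECC DIMMs use (72,64), but multi-bit flips behave alike.
DATA_POS = (3, 5, 6, 7, 9, 10, 11, 12)   # codeword positions of data bits 0..7
PARITY_POS = (1, 2, 4, 8)

def encode(byte):
    """Return the 13-bit codeword protecting one data byte."""
    cw = 0
    for i, pos in enumerate(DATA_POS):
        if (byte >> i) & 1:
            cw |= 1 << pos
    for p in PARITY_POS:
        # parity bit p covers every codeword position whose index has bit p set
        covered = sum((cw >> pos) & 1 for pos in range(1, 13) if pos & p)
        if covered & 1:
            cw |= 1 << p
    if bin(cw).count("1") & 1:          # overall parity makes total weight even
        cw |= 1
    return cw

def decode(cw):
    """Return (status, data); status is 'ok', 'corrected' or 'uncorrectable'."""
    syndrome = 0
    for pos in range(1, 13):
        if (cw >> pos) & 1:
            syndrome ^= pos             # XOR of set positions == flipped position
    odd = bin(cw).count("1") & 1        # 1: odd number of flips since encoding
    if syndrome == 0 and not odd:
        status = "ok"
    elif odd and syndrome <= 12:
        # Odd flip count: assume one flip and correct it (syndrome 0 means the
        # overall parity bit flipped). Three flips whose positions XOR to a valid
        # index also land here and are silently mis-corrected.
        cw ^= 1 << syndrome
        status = "corrected"
    else:
        return "uncorrectable", None    # two flips: detected but not repairable
    data = 0
    for i, pos in enumerate(DATA_POS):
        data |= ((cw >> pos) & 1) << i
    return status, data

def simulate_flips(byte, flip_positions):
    """Encode a byte, flip the given codeword positions (as Rowhammer would), decode."""
    cw = encode(byte)
    for pos in flip_positions:
        cw ^= 1 << pos
    return decode(cw)
```

One flip is repaired, two flips are only reported (which a monitored host can at least log as a correctable-error storm), and three flips at suitable positions are silently "corrected" into wrong data, so ECC raises the cost of an attack rather than removing it.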
(mmma)