Cybersecurity researchers at ETH Zurich have developed a new variant of the RowHammer DRAM (dynamic random access memory) attack that, for the first time, works successfully against AMD Zen 2 and Zen 3 systems despite mitigations such as Target Row Refresh (TRR).
“This result demonstrates that AMD systems are just as vulnerable to Rowhammer as Intel systems, which significantly increases the attack surface, considering AMD’s current market share of approximately 36% on x86 desktop CPUs,” the researchers said .
The technique is codenamed ZenHammer, which can also trigger the RowHammer bit flip on DDR5 devices for the first time.
RowHammer, first made public in 2014, is a well-known attack that exploits the architecture of DRAM memory cells to alter data by repeatedly accessing a specific row (also known as hammering) to cause the electrical charge of one cell to adjacent cells.
This can induce random bit flips in neighboring memory rows (from 0 to 1 or vice versa), which can alter memory contents and potentially facilitate privilege escalation, compromising the confidentiality, integrity, and availability of a system .
The attacks exploit the physical proximity of these cells within the memory array, a problem that will likely get worse as DRAM technology continues to grow and storage density increases.
“As DRAM continues to grow, RowHammer bit flips can occur at lower activation counts, and thus a benign workload’s DRAM row activation rates may approach or even exceed the RowHammer threshold,” the researchers noted from ETH Zurich in an article published in November 2022.
“Therefore, a system may experience bit flips or frequently trigger RowHammer defense mechanisms even without an attacker executing a RowHammer attack on the system, leading to data corruption or significant performance degradation.”
One of the crucial mitigations implemented by DRAM manufacturers against RowHammer is TRR, which is a generic term used for mechanisms that update target rows that are determined to be accessed frequently.
By doing so, the idea is to generate multiple memory update operations so that victim rows are updated before the bits are flipped or corrected after the bits are flipped due to RowHammer attacks.
ZenHammer, like TRRespass and SMASH, bypasses TRR guardrails by reverse engineering secret DRAM address functions in AMD systems and adopting improved refresh synchronization and scheduling of flushing and fencing instructions to trigger bit flips on seven Zen 2 devices sample out of 10 and you are out of 10 Zen 3 devices.
The study also arrived at an optimal sequence of hammering instructions to improve row activation rates and facilitate more effective hammering.
“Our results showed that regular loads (MOVs) with CLFLUSHOPT to purge attackers from the cache, issued immediately after an attacker accesses (‘scatter’ style), are optimal,” the researchers said.
ZenHammer has the distinction of being the first method capable of triggering bit flips on systems equipped with DDR5 chips on AMD’s Zen 4 microarchitectural platform. That said, it only works on one of the 10 devices tested (Ryzen 7 7700X).
It’s worth noting that DDR5 DRAM modules were previously considered immune to RowHammer attacks because they replaced TRR with a new type of protection called refresh management.
“Changes in DDR5 such as improved RowHammer mitigations, on-die error correction code (ECC), and a higher refresh rate (32 ms) make it more difficult to trigger the bit flip,” the researchers said .
“Given the lack of bit flips on nine out of 10 DDR5 devices, further work is needed to better understand potential new RowHammer mitigations and their security guarantees.”
AMD, in a security bulletin, said it is evaluating the RowHammer bit flip on DDR5 devices and will provide an update once completed.
“AMD microprocessor products include memory controllers designed to meet industry-standard DDR specifications,” he added. “Susceptibility to RowHammer attacks varies by DRAM device, vendor, technology and system settings.”