Serious Security Vulnerabilities in DRAM Memory Devices

Problem Not Solved
“This is an unavoidable consequence of the constantly increasing density of electronic components on the DRAM chips”, says Patrick Jattke, a PhD student in Razavi’s group at the Department for Information Technology and Electrical Engineering. It means that by repeatedly activating – or “hammering” – a memory row (the “aggressor”), an attacker can induce bit errors in a neighbouring row, also called the “victim” row. That bit error can then, in principle, be exploited to gain access to restricted areas inside the computer system – without relying on any software vulnerability.

“After Rowhammer was first discovered around ten years ago, chip manufacturers implemented mitigation measures inside the DRAM modules in order to solve the problem”, Razavi says: “Unfortunately, the problem still hasn’t been solved.” The Target Row Refresh (TRR) mitigation Razavi refers to consists of different circuits built into the memory that can detect unusually high activation frequencies of particular rows and hence guess where an attack is being launched. As a countermeasure, a control circuit then refreshes the presumed victim row prematurely and hence forestalls possible bit errors.

Sophisticated Hammering
Razavi and his colleagues have now found that this hardware-based “immune system”only detects rather simple attacks, such as double-​sided attacks where two memory rows adjacent to a victim row are targeted but can still be fooled by more sophisticated hammering. They devised a software aptly named “Blacksmith” that systematically tries out complex hammering patterns in which different numbers of rows are activated with different frequencies, phases and amplitudes at different points in the hammering cycle. After that, it checks if a particular pattern led to bit errors.

The result was clear and worrying: “We saw that for all of the 40 different DRAM memories we tested, Blacksmith could always find a pattern that induced Rowhammer bit errors,” says Razavi. As a consequence, current DRAM memories are potentially exposed to attacks for which there is no line of defence – for years to come. Until chip manufacturers find ways to update mitigation measures on future generations of DRAM chips, computers continue to be vulnerable to Rowhammer attacks.

The Ethical Dimension
Razavi is well aware of the ethical dimension of his research: “We obviously want to make the world safer, and we believe that it is important that potential victims be aware of this kind of threat so that they can make informed choices.” Luckily, he adds, those victims are unlikely to be ordinary users, as there are much simpler ways to hack most computers (a reminder that using the latest anti-virus software and updating devices are still important). Nevertheless, it is possible that nation states or powerful organisations could use such attacks for high-profile targets. To give producers time to react to the new vulnerabilities, Razavi and his colleagues already informed them several months ago. They also cooperated closely with the NCSC, which is responsible for the coordinated publication of discovered vulnerabilities in Switzerland.

In the future, the ETH researchers want to explore even more sophisticated ways of inducing bit errors. That could help chip manufacturers to test their devices and address all possible hammering attacks. “Of course, although we are releasing code that shows how to trigger bit errors, we are not currently disclosing any code that abuses these errors,” Razavi stresses.