This new attack bypasses Rowhammer defenses in most DRAM, say researchers
Researchers have discovered a new type of Rowhammer attack targeting DRAM devices that can bypass mitigations created by vendors after the first such attacks were detected back in 2014. In DRAM devices, data is stored in grids of memory. The Rowhammer attack method works through rapidly and repeatedly reading data in one memory row, which causes an electrical charge in adjacent memory rows. This attack effectively modifies or corrupts the surrounding data. The latest Rowhammer attack seeks to bypass the Target Row Refresh (TRR) mitigations added by the DRAM industry.
Researchers from ETH Zurich and Qualcomm investigated the attack method against proprietary TRR implementations in 40 different DRAM devices. The researchers were able to discover ways to cause bit flips in all of the devices. The researchers stated that the result of the testing has a significant impact on security as DRAM devices in the wild cannot be easily fixed. Furthermore, all currently deployed mitigations do not protect against the Rowhammer attack method. Attackers may be able to more easily exploit DRAM systems than were previously believed, warned the researchers.