April 14, 2021Ravie Lakshmanan
Academics from Vrije University in Amsterdam and ETH Zurich have published a new research paper describing yet another variation of the Rowhammer attack.
“Despite their in-DRAM Target Row Refresh (TRR) mitigations, some of the most recent DDR4 modules are still vulnerable to many-sided Rowhammer bit flips,” the researchers said.
“SMASH exploits high-level knowledge of cache replacement policies to generate optimal access patterns for eviction-based many-sided Rowhammer. To bypass the in-DRAM TRR mitigations, SMASH carefully schedules cache hits and misses to successfully trigger synchronized many-sided Rowhammer bit flips.”
What is Rowhammer?
First, a quick primer about Rowhammer, an umbrella term referring to a class of exploits that leverage a hardware design quirk in DDR4 systems. Memory RAM cards save data inside what’s called memory cells (each consisting of a capacitor and a transistor) that are arranged on the RAM’s silicon chip in the form of a matrix.
But given capacitors’ natural discharge rate, the memory cells tend to lose their state over time and therefore require a periodic reading and rewriting of each cell in order to restore the charge on the capacitor to its original level. On the other hand, increased densities of DRAM integrated circuits have enabled increased rates of electromagnetic interactions between memory cells and a greater possibility of data loss.
In 2014, researchers found that by repeatedly carrying out rapid read/write operations on a memory row, over and over again — aka “row hammering” — they could induce an electrical disturbance that would alter data stored in nearby memory rows.
In response to the findings, industry-wide countermeasures like Target Row Refresh (TRR) were billed as the “ultimate solution” for all the aforementioned Rowhammer attack versions, until VU researchers in March 2020 demonstrated a fuzzing tool called “TRRespass” that could be used to make Rowhammer attacks work on the TRR-protected DDR4 cards.
From TRRespass to SMASH
“The current version of SMASH relies on [transparent huge pages] for the construction of efficient self-evicting patterns,” the researchers said. “Disabling THP, while introducing some performance overhead, would stop the current instance of SMASH.”
“Furthermore, our exploit relies specifically on corrupting pointers in the browser to break ASLR and pivot to a counterfeit object. Protecting the integrity of pointers in software or in hardware (e.g., using PAC ) would stop the current SMASH exploit.”