Google discovers new Rowhammer attack technology


Researchers have released details of a new Rowhammer vulnerability called “Half-Double”, which exploits smaller and smaller DRAM chips.

Google researchers have published their findings in a new Rowhammer technology, which expands the attacker’s coverage on the target computer as DRAM chips become smaller.

Rowhammer first reported in 2014 as a vulnerability, through which repeated access to an address can allow an attacker to destroy data stored in other addresses. When repeatedly accessing a DRAM row (“Attacker”), a “bit flip” is found in two adjacent rows (“Victim”). When the “hammered” cell changes its value, it causes the data in the adjacent row to change.

Research on Rowhammer in recent years has shown that DDR3 and DDR4 types of memory are vulnerable to attacks. Experts have also discovered that these attacks can be accomplished using JavaScript rather than complex malware code. These attacks can help attackers elevate privileges, create root directories for devices, or cause denial of service attacks on tools such as security software.

In the past, Rowhammer was understood as running within the distance of a line. However, in the newly discovered Half-Double attack, Google researchers found that Rowhammer’s effect can spread to rows outside of the neighboring neighbors of the target cell, albeit at a lower intensity. The attack may cause the victim’s bit to flip into two lines instead of one line.

The researcher wrote in the blog: “Given the three consecutive lines of A, B, and C, we can attack C by making a large number of visits to A and a small number of visits to B (about dozens).” The discovery.

Their findings indicate that as RAM chips become smaller, Rowhammer attacks can be used to affect more units. The researchers said in their post: “This is likely to indicate that the electrical coupling responsible for Rowhammer is a characteristic of distance. As the battery’s geometry shrinks, it will actually become stronger and have a longer range.”

Read Google’s full blog post for more details.

“Dark Reading Bulletin” briefly introduced the importance of breaking news events and provided a summary. For more information about the original source of the news item, please click on the link provided in this article.View the complete bio

Recommended reading:

More insights

Related Articles

Back to top button