Researchers have demonstrated a new variation of the Rowhammer attack: dubbed RAMBleed, it may allow attackers to read data stored inside the computer’s physical memory.
“While the end-to-end attack we demonstrated read out OpenSSH 7.9’s RSA key, RAMBleed can potentially read any data stored in memory. In practice, what can be read depends on the victim program’s memory access patterns,” they explained.
About Rowhammer and RAMBleed
Rowhammer is an exploitable issue in some computer chips that allows attackers to repeatedly access (“hammer”) rows in dynamic random-access memory (DRAM).
This allows them to induce bit flips in neighboring rows and to do things like gaining root privileges and evading a sandbox, do the same thing remotely, compromise Linux virtual machines on cloud servers, hack Android devices remotely, etc.
For RAMBleed, the researchers employed Rowhammer as a read side channel.
“Previous attacks exploited the Rowhammer effect to write (or flip) bits in the victim’s memory. RAMBleed is different in that it uses Rowhammer for reading data stored inside the computer’s physical memory. As the physical memory is shared among all process in the system, this puts all processes at risk,” the researchers noted.
“Furthermore, in contrast to Rowhammer write side channels, which require persistent bit flips, our read channel succeeds even when ECC [error-correcting code] memory detects and corrects every bit flip. Thus, we demonstrate the first security implication of successfully-corrected bit flips, which were previously considered benign.”
Not a present danger
The researchers – Andrew Kwong and Daniel Genkin from University of Michigan, Daniel Gruss from Graz University of Technology, and Yuval Yarom from University of Adelaide and Data61 – say that any system that uses Rowhammer-susceptible DIMMs is vulnerable to RAMBleed.
The good news is the attack is, for the moment, a theoretical danger as there are several limitations that interfere with its efficacy. For example, it requires the victim process to allocate memory for its secret in a predictable manner. Also, its rate of reading memory is only around 3–4 bits per second, slow enough to allow memory scrubbing countermeasures to remove short-lived secret data from the target’s memory.
Nevertheless, time and additional research are likely to make it more effective and usable.
“Users can mitigate their risk by upgrading their memory to DDR4 with targeted row refresh (TRR) enabled. While Rowhammer-induced bit flips have been demonstrated on TRR, it is harder to accomplish in practice,” they pointed out.
“Memory manufacturers can help mitigate this issue by more rigorously testing for faulty DIMMs. Furthermore, publicly documenting vendor specific TRR implementations will facilitate a stronger development process as security researchers probe such implementations for weaknesses.”
Their research has been done with Intel’s support. AMD, OpenSSH, Microsoft, Apple, and Red Hat have also been notified of their findings.