A team of researchers from Google has identified a new Rowhammer attack technique that works against recent generations of dynamic random-access memory (DRAM) chips.
Rowhammer attacks — first discussed in 2014 — involve repeatedly accessing a row of memory in an effort to cause bit flips in adjacent rows, which can be useful for bypassing memory protections. A malicious actor could use Rowhammer to escalate privileges and for other purposes, and researchers have demonstrated over the past years that attacks can be launched remotely and against mobile devices.
JEDEC, an organization that develops open standards and publications for the microelectronics industry, has warned that Rowhammer attacks can pose a “serious threat to cloud service providers, data centers, laptops, smart phones, self-driving cars and IoT devices.”
The vulnerability exists because the memory cells in DRAM chips have been placed very close together to increase capacity and decrease size. This makes it more difficult to prevent cells from electrically interacting with each other.
Rowhammer defenses in many cases assume that the attacker can only cause bit flips in the immediate neighbors of the row they are targeting. However, the new attack method disclosed this week by Google, which researchers have dubbed “Half-Double,” shows that the effects of Rowhammer can extend beyond immediate neighbors, thus bypassing some of the existing defenses.
“Given three consecutive rows A, B, and C, we were able to attack C by directing a very large number of accesses to A, along with just a handful (~dozens) to B. Based on our experiments, accesses to B have a non-linear gating effect, in which they appear to ‘transport’ the Rowhammer effect of A onto C,” the Google researchers explained.
The researchers said the Half-Double attack works against newer generation DRAM chips, but it does not work against older ones, which suggests that the shrinkage of memory cell geometries makes Rowhammer attacks “stronger and longer-ranged.” They also noted that it may be possible to launch attacks that work over distances greater than two rows.
Google has been working with JEDEC and others to come up with mitigations for Rowhammer attacks. JEDEC in March released information on system level and near-term DRAM level mitigations.
“We are disclosing this work because we believe that it significantly advances the understanding of the Rowhammer phenomenon, and that it will help both researchers and industry partners to work together, to develop lasting solutions. The challenge is substantial and the ramifications are industry-wide,” Google researchers said.
Related: Researchers Propose Software Mitigations for Rowhammer Attacks
Related: New Rowhammer Attack Bypasses Existing Defenses

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Russia Blames US Intelligence for iOS Zero-Click Attacks
- Cisco Acquiring Armorblox for Predictive and Generative AI Technology
- Moxa Patches MXsecurity Vulnerabilities That Could Be Exploited in OT Attacks
- Organizations Warned of Salesforce ‘Ghost Sites’ Exposing Sensitive Information
- Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards
- Barracuda Zero-Day Exploited to Deliver Malware for Months Before Discovery
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Zyxel Firewalls Hacked by Mirai Botnet
Latest News
- Russia Blames US Intelligence for iOS Zero-Click Attacks
- Toyota Discloses New Data Breach Involving Vehicle, Customer Information
- Cisco Acquiring Armorblox for Predictive and Generative AI Technology
- Moxa Patches MXsecurity Vulnerabilities That Could Be Exploited in OT Attacks
- Amazon Settles Ring Customer Spying Complaint
- Organizations Warned of Salesforce ‘Ghost Sites’ Exposing Sensitive Information
- Adobe Inviting Researchers to Private Bug Bounty Program
- Critical Vulnerabilities Found in Faronics Education Software
