New Rowhammer Attack Bypasses Existing Defenses

A group of security researchers has discovered a new type of attack that can exploit the Rowhammer vulnerability in DRAM chips that was uncovered several years ago, effectively bypassing existing defenses.

In a newly published paper (PDF), eight researchers from Graz University of Technology, the University of Pennsylvania (and University of Maryland), and University of Adelaide reveal attack methods that can allegedly bypass even a combination of defenses against Rowhammer.

In March 2015, Google demonstrated that the Rowhammer bug affects some dynamic random-access memory (DRAM) chips and can be exploited to gain kernel privileges on Linux systems. Although initially discovered in 2012, the issue was not documented until 2014.

Memory cells, which are arranged in a grid pattern of rows and columns, are smaller and placed closer together in newer DRAM chips, which have become smaller in size. Thus, it is more difficult to prevent cells from electrically interacting with each other, and repeatedly accessing a row of memory can cause data to become corrupt in nearby rows.

In July 2015, a team of researchers from Austria and France demonstrated that Rowhammer can be exploited remotely using JavaScript. Although the researchers hadn’t developed a full root exploit at the time, they did warn that malicious actors could adapt Rowhammer exploits to gain root privileges.

Late last year, a team of researchers proposed two software-based mitigation techniques, claiming that they can even work against single-sided attacks. One is a bootloader extension to detect and disable vulnerable memory, while the other ensures that there is at least one raw of memory between the row controlled by the attacker and the row storing the targeted data.

The newly published research paper proposes a novel attack technique called one-location hammering, which doesn’t target multiple DRAM rows, but focuses on keeping only one DRAM row constantly open. The exploitation technique, opcode flipping, can bypass isolation mechanisms by flipping bits in a predictable and targeted way in userspace binaries, the researchers say.

“We replace conspicuous and memory-exhausting spraying and grooming techniques with a novel reliable technique called memory waylaying. Memory waylaying exploits system-level optimizations and a side channel to coax the operating system into placing target pages at attacker chosen physical locations,” the researchers explain.

By abusing Intel SGX, the team also managed to hide the attack from the user and the operating system, thus evading all detection attempts. According to the paper, the abused Rowhammer enclave can be leveraged both for denial of service attacks in the cloud and for privilege escalation on personal computers.

The new method, the paper reveals, can evade all existing defenses, including static analysis, monitoring of CPU performance counters, monitoring of unusual high-frequency memory access patterns, preventing abuse of memory exhaustion, and using memory allocator to physically isolate user and kernel memory cells.

Related: Researchers Propose Software Mitigations for Rowhammer Attacks

Related: Researchers Show DRAM “Rowhammer” Bug Can Be Exploited Remotely