The Google team has discovered a new Rowhammer attack against random access memory (RAM), significantly expanding the range of potentially vulnerable devices.
First described in 2014, Rowhammer is an attack based on the design of modern memory cards, where memory cells are arranged in a grid. The main principle of the attack is that a malicious application can perform read/write operations on rows of memory cells at an accelerated rate. As a result, the cells change their value from 0 to 1 and vice versa in a very short period of time, which creates a small electromagnetic field inside the rows of memory cells.
Under the influence of the electromagnetic field, errors occur in nearby rows of cells, resulting in bit flips and data changes in adjacent rows. In a 2014 study, experts stated that they were able to take advantage of the effect of an electromagnetic field on memory cells and manipulate data changes.
The research published by Google experts has taken Rowhammer to the next level. In a new version of the attack called Half-Double, the researchers managed to flip bits at a distance of not one, but two rows of memory cells from the attacked row.
“Unlike the TRRespass attack, which exploits blind spots in the protection implemented by manufacturers, Half-Double is an intrinsic property of the silicon wafer. This probably indicates that the electrical connection required for Rowhammer is a property of distance and can be enhanced and extended by reducing the geometry of the cells. Distances of more than two rows are also possible,” the researchers said.
In other words, as RAM cards have gotten smaller over the past few years, the spacing between rows of memory cells has also decreased, and the electromagnetic field generated by Rowhammer now covers more cells than in 2014.