Readers may think Rowhammer and bit flipping are lingo from the music and dance industries, but they refer to a very serious flaw in dynamic random access memory (DRAM), a core component of most electronic devices. The drive to fit more memory capacity onto individual DRAM chips has created a serious vulnerability that allows an attacker to flip the value of DRAM cells from one to zero, or vice versa, without ever writing to them. Because the attack works at the hardware level, it bypasses the core system protections that keep data secure and processes isolated from each other, and it undermines a basic tenet of electronic data security: that the contents of a memory location change only when something writes to it.
DRAM chips contain billions of capacitors arranged in rows, each either charged or discharged; these two states represent the two values of a bit, 1 and 0. To read a value, the memory controller has to activate an entire row at once and sense all of its cells into a row buffer, because reading one bit at a time would be impractical for performance reasons. A DRAM read is in fact a read-and-restore operation: sensing a row drains its capacitors and destroys their contents, so the data has to be written back immediately by recharging the row. Capacitors also leak charge steadily on their own, so the memory controller must refresh every row at regular intervals (typically every 64 ms) whether or not it is read, hence the term dynamic RAM as opposed to static RAM.
As capacitors get smaller and packed closer together, it becomes harder to stop neighbouring cells from interacting electrically. Activating the same row rapidly and repeatedly can cause disturbance errors: bit flips in the physically adjacent rows. This rarely happens in normal operation because the CPU caches satisfy most repeated accesses, so a row is seldom re-activated often enough between refreshes. However, the 2014 paper Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors, by researchers at Carnegie Mellon University and Intel, showed that the CLFLUSH (cache line flush) instruction removes that protection: flushing a line from the cache forces the next load of that address to go out to DRAM and activate its row again. Alternating loads and flushes of two addresses that map to different rows of the same bank -- Rowhammering -- produced bit flips in the majority of the DDR3 modules the researchers tested.
In 2015 Google's Project Zero team showed that a malicious program could exploit Rowhammer-induced bit flips to gain privileges it was never granted. By hammering until a flip landed in a page table entry, an unprivileged Linux process gained write access to its own page tables, and through them to all of physical memory, which amounts to kernel-level control; a second exploit used the same technique to escape the Native Client sandbox. Four researchers from Vrije Universiteit Amsterdam have since crafted a working attack on Microsoft Edge on Windows 10 that combines Rowhammering with a newly described memory deduplication side channel. Launched from JavaScript, it gives the attacker arbitrary read and write access to the browser's memory, even on a fully patched system running its security hardening mitigations.
It may be a while before Rowhammering exploits are seen in the wild, but this design flaw exists in hardware essential to today's computing devices. Vendors have introduced mitigations within the DDR4 architecture to prevent or reduce the effectiveness of Rowhammering, but Google's research and follow-up research by Third I/O Inc. show that DDR4 is not immune, and more still needs to be done.
Administrators can test whether devices are vulnerable to Rowhammering using the Rowhammer feature of FuturePlus Systems Corp's FS2800 DDR Detective or Google's free, open source rowhammer-test tool. While a negative result -- an absence of bit flips -- provides some assurance, it does not mean the device is immune to bit flipping, only that flips were not achieved within the time and access pattern tested. These tools should only be run on test machines with a hardware configuration similar to those holding sensitive data, because a flip that lands in another process's memory or in kernel data can corrupt data or crash the system.
As this vulnerability exists in a device's hardware, it is beyond the scope of conventional antivirus and security software, and it can't be fixed by simply upgrading operating system software. Users rely on hardware vendors to introduce mitigations, such as increasing the refresh rate (shortening the usual 64 ms refresh interval) so that a row is refreshed before an attacker can hammer enough activations into one interval to induce a flip. Unfortunately, this increases DRAM power consumption and reduces performance, because refreshes block access to the bank being refreshed. DRAM module manufacturers have been cagey about how their products react to Rowhammering, and details of possible mitigation mechanisms tend to be buried deep within the specs. Cisco provides some advice on low-level changes that can mitigate the DRAM Rowhammer vulnerability, but any new configuration should again be assessed first in a test environment. A possible hardware solution for preventing Rowhammering errors, called ARMOR -- a run-time memory hot-row detector -- is being developed by the School of Computer Science at the University of Manchester.
If bit flipping occurs during testing, administrators could consider monitoring for processes with constantly high CPU usage combined with a high rate of last-level cache misses (visible through hardware performance counters), a possible sign of a Rowhammer-based attack, since the attack only works if every access defeats the cache and reaches DRAM. Depending on the assessed level of risk, moving to hardware that supports Pseudo Target Row Refresh (pTRR) or Targeted Row Refresh (TRR), which detect a heavily activated row and refresh its neighbouring victim rows, may be an option, but the best advice is to speak directly with your vendor about how best to protect a specific environment from attack. Finally, as any immediate fixes will most likely come in the form of BIOS updates, administrators should ensure that they track security announcements from their hardware vendors.