RowPress RAM attack

New attack method that bitflips memory cells.

New attack method that bitflips memory cells.

Today’s post is about a new attack on DRAM chips, which can affect PCs, servers and smartphones. Which is rather timely, since a fresh study has been published that investigates a new DRAM attack method dubbed RowPress. It implies hammering a DRAM row many times, causing bitflips in (physically) nearby rows. The idea itself isn’t new — something similar was presented almost a decade ago under the name RowHammer. However, RowPress is a more effective technique. But first, let’s figure out what “hammering” actually means.

How RAM works

RAM chips have never been very reliable. Loosely speaking, each memory cell, in which one bit of information is stored, is a miniature battery. When we charge it, we write a “one” to the cell. If there’s no charge, it’s “zero”. And this happens… millions of times per second! In modern microchips, these cells are densely packed to a phenomenal degree: billions of them all on a fingernail-sized crystal. With the high update rate and extreme miniaturization of electronic components, sooner or later failures are inevitable — the miniature “battery” will lose its charge, and the one will turn into a zero. Sometimes failures are caused by external factors, say, if the memory chip is exposed to heat or even cosmic rays.

Such failures can lead to critical errors. Imagine that a program stores an address in RAM that needs to be accessed when certain conditions are met. If some bits in this address spontaneously flip from one to zero, instead of your code, there’s no knowing what will get executed. Many technologies are used to avert failures;  for example, a forced update of the contents of memory cells: sequential reading/writing of information — even if neither the CPU nor the program need it right there and then. The data-reading process is destructive, so after being accessed, information must be overwritten. There’s also an error correction mechanism: the memory stores both data and separate information for checking the data’s correctness. It’s important to understand that the high density of memory cells in modern computers is a fundamental feature; they won’t work any other way.

RowHammer attack

But back to the 2014 RowHammer report. Researchers from both Carnegie Mellon University and Intel demonstrated how to exploit the above-described features of dynamically updated RAM to do harm. If data reading is destructive and is followed by overwriting, what happens if we write a program that reads tens or hundreds of thousands of times per second? This process is what researchers call “hammering”.

Schematic representation of the structure of RAM cells

Schematic representation of the structure of RAM cells. Source

Memory cells are arranged as a matrix, and any operation on a particular cell involves accessing a whole range of them. It turned out that sequential, repeated access to a row of cells affects neighboring rows. If this operation is performed a great many times, the ones and zeros in the cells of the neighboring row can flip. The 2014 study showed that such an attack was possible on the then-standard DDR3 memory modules.

Why is this dangerous? Imagine a hacker can execute some arbitrary code on the targeted system, but without special privileges. In an extreme case, it might even be the code of a web page, with a link sent to the victim. If this code is allowed to “hammer” a certain area of RAM, it can cause read disturbance in neighboring cells, where, say, operating system data might be stored.

In 2015, Google researchers showed how RowHammer could be used to gain unlimited access to a computer’s RAM. This is a highly complex attack with many unknowns: it’s still necessary to somehow get into the right memory area and cause the “right” data corruption so that the computer doesn’t freeze and the program doesn’t stop working. Nevertheless, the theoretical possibility of such an attack was confirmed.

BlackSmith: bypassing RowHammer protections

How to protect data from a RowHammer attack? The simplest way is by forcing an update of information in neighboring rows after a request to read data from a memory cell row. This significantly reduces the likelihood of data corruption. As in the case of hardware vulnerabilities in CPUs, sooner or later a problem is discovered in every protection method.

In 2021, researchers demonstrated a BlackSmith attack, which showed that under certain conditions it’s possible to cause failures even with RowHammer protections in place. How exactly did they do this? What if, instead of “hammering” the row of memory cells next to the target one, someone tries different combinations: interrogate the rows above and below the target hundreds of thousands of times, or attack four rows at once in a certain sequence? It worked. Why? Because the fundamental problem (the high density of memory cells) hasn’t gone anywhere!

RowPress: increased attack effectiveness

The new RowPress attack is even more effective, despite using the same basic principle — with one slight but crucial change: the attacker tries to keep one row of cells open for reading as long as possible. The researchers managed to find another standard feature of how memory chips and the controller operate that causes even more disturbance affecting neighboring rows of memory cells. In terms of effectiveness (measured by the number of “hammerings” required — the fewer, the better), RowPress is tens or even hundreds of times more potent than RowHammer. In a few marginal cases, the desired bitflip was achieved after a single read operation on neighboring data.

Test flowchart for investigating the operation of RAM modules.

Test flowchart for investigating the operation of RAM modules. Source

How serious a problem is this? The likelihood of a RowHammer, Blacksmith or RowPress attack on home users is miniscule. At risk are companies. In theory, these attacks could target the memory of servers running in public clouds. After all, providers give access to their servers, allocating a kind of virtual machine for users to run any code they like. They must ensure that this machine has no way of escaping from its virtual environment and gaining access to other customers’ data. Roughly speaking, such a virtual system is a program able to read and write data to a server’s RAM; in other words — a ready-made platform for attacking the memory of a physical server.

How theoretical such an attack is can be seen from the photo of the test setup used to study RowPress. The memory module has been moved to a separate board. Connected to it is some sort of debugging device for fine-tuning RAM operation. Some protection systems have been disabled. Most importantly, a heater is installed on the module with memory chips, raising the temperature to 50 or even 80 degrees Celsius, which in itself increases the chances of accidental or intentional data corruption.

Hardware attack specifics

Comparing RowPress with the earlier RowHammer, we basically see a slight modification to the memory access method that allows attackers to bypass (including on a real system, without heating or “cheating”) protections implemented by module manufacturers. The researchers proposed their own solution to this problem, which, fortunately, has little impact on performance. However, as with most hardware vulnerabilities, getting rid of them entirely is unrealistic. Reducing the density of today’s memory chips is not an option. On the contrary, their capacity only grows and grows.

Nor would implementing “reliable” error correction resolve the issue, since that would take up as much as a third of the RAM. The usual method based on error correcting codes (ECC) makes attacks less effective, but does not eliminate them. Therefore, it’s safe to say that RowPress won’t be the last “hammer” attack we see.

On the plus side, such studies remain, for the time being, a largely theoretical exercise. Researchers are finding new attack vectors, and device makers are coming up with new defenses. Sure, it’s possible that eventually they’ll accidentally discover a vulnerability with the potential for mass exploitation. However, judging by the history of such studies over the past decade, that doesn’t seem likely.

But nor should such research be dismissed as purely theoretical and abstract: what lab-based experts can do today, real cybercriminals may be capable of doing tomorrow — or in five or ten years. As for cloud service providers, they need to be clued-up on the latest developments right now, and factor them into their security models firmly.

Tips