A team of security researchers from Google has demonstrated yet another variant of the Rowhammer attack that bypasses all current defenses to tamper with data stored in memory.
Dubbed "Half-Double," the new hammering technique hinges on the weak coupling between two memory rows that are not immediately adjacent to each other but one row removed.
"Unlike TRRespass, which exploits the blind spots of manufacturer-dependent defenses, Half-Double is an intrinsic property of the underlying silicon substrate," the researchers noted.
"This is likely an indication that the electrical coupling responsible for Rowhammer is a property of distance, effectively becoming stronger and longer-ranged as cell geometries shrink down. Distances greater than two are conceivable."
Rowhammer attacks are similar to speculative execution in that both break the fundamental security guarantees made by the underlying hardware. Discovered in 2014, Rowhammer refers to a class of DRAM vulnerabilities whereby repeated accesses to a memory row ("aggressor") can induce an electrical disturbance big enough to flip bits stored in an adjacent row ("victim"), thereby allowing untrusted code to escape its sandbox and take over control of the system.
While DRAM manufacturers deployed countermeasures like ..
Support the originator by clicking the read the rest link below.
