The Exploitation of Rowhammer Attack Just Got Easier

Tragically, this limitation has now been eliminated, at least for some devices.

Researchers at the Vrije Universiteit Amsterdam and the College of Cyprus have now discovered that sending despiteful packets over LAN can trigger the Rowhammer attack on systems running Ethernet network cards outfitted with Remote Direct Memory Access (RDMA), which is generally utilized as a part of clouds and data centres.

Since RDMA-enabled network cards allow computers in a system to trade information (with read and write privileges) in the fundamental memory, mishandling it to get to host’s memory in fast progression can trigger bit flips on DRAM.

“We rely on the commonly-deployed RDMA technology in clouds and data centres for reading from remote DMA buffers quickly to cause Rowhammer corruptions outside these untrusted buffers, these corruptions allow us to compromise a remote Memcached server without relying on any software bug.” researchers said in a paper [PDF] published Thursday.

Since activating a bit flip requires a huge number of memory accesses to particular DRAM locations within milliseconds, a fruitful  Throwhammer attack would require a very high-speed network of no less than 10Gbps.

In their experimental setup, the researchers achieved bit flips on the said focused server subsequent to accessing its memory 560,000 times in 64 milliseconds by sending packets over LAN to its RDMA-empowered network card.

Since Rowhammer exploits a computer hardware weakness no software fix can completely settle the issue once and for all. Researchers trust that the Rowhammer risk isn’t just genuine but also has the potential to cause serious damage.

For additional in-depth knowledge on this new attack technique, the users’ can access this paper published by the researchers on Thursday [PDF], titled

 “Throwhammer: Rowhammer Assaults over the System and Resistances”

Leave a Reply