ZenHammer - attack method for corrupting memory contents on AMD Zen platforms

Researchers at ETH Zurich have developed ZenHammer, a variant of the RowHammer class of attacks that modifies individual bits of dynamic random access memory (DRAM), adapted to platforms with AMD processors. Previous RowHammer attacks had been limited to Intel-based systems, but this research shows that memory corruption can also be achieved on platforms with AMD memory controllers.

The method was demonstrated on AMD Zen 2 and Zen 3 systems with DDR4 memory from the three leading manufacturers (Samsung, Micron and SK Hynix). The attack bypasses the TRR (Target Row Refresh) mechanism implemented in memory chips, which is intended to protect cells in adjacent rows from corruption. According to the researchers, systems based on AMD Zen 3 CPUs are more vulnerable than systems with Intel Coffee Lake processors: they are easier to attack and the attack is more effective. On AMD Zen 2 systems, bit flips were achieved on 7 of the 10 tested DDR4 chips, and on Zen 3 systems on 6 of 10. The researchers also examined the possibility of attacking AMD Zen 4 systems with DDR5 memory; the attack method developed for DDR4 was successfully reproduced on only 1 of the 10 tested DDR5 chips. An attack on DDR5 is not ruled out, but would require developing more efficient access patterns suited to DDR5 devices.

For AMD chips, the researchers adapted previously developed exploits that modify page table entries (PTEs) to gain kernel privileges, bypass authentication checks by modifying the memory of the sudo process, and corrupt the RSA-2048 public key held in memory by OpenSSH so that the private key can be recovered. The page table attack was reproduced on 7 of the 10 tested DDR4 chips, the RSA key attack on 6 and the sudo attack on 4, with attack times of 164, 267 and 209 seconds respectively.

The method can also be used to attack a system from a browser, from a virtual machine, or over a network. The source code of the DARE toolkit for reverse engineering DRAM address mapping is published on GitHub under an MIT license, together with two sets of utilities for fuzz testing for bit flips in memory, ddr4_zen2_zen3_pub for DDR4 chips (Zen 2 and Zen 3) and ddr5_zen4_pub for DDR5 chips (Zen 4), which can be used to check one's own systems for susceptibility to the attack.

The RowHammer method of flipping bits relies on the fact that DRAM is a two-dimensional array of cells, each consisting of a capacitor and a transistor, and that repeatedly reading the same memory region causes voltage fluctuations and anomalies that drain a small amount of charge from neighbouring cells. If the read intensity is high enough, a neighbouring cell may lose so much charge that the next refresh cycle comes too late to restore its original state, changing the value of the data stored in that cell. The researchers identified the physical memory mapping and the synchronization with refresh mechanisms used in AMD processors, which made it possible to reconstruct low-level DRAM addressing, determine the addresses of neighbouring cells, develop ways to bypass caching, and work out the access patterns and frequency of operations that lead to charge loss.

To protect against RowHammer, chip manufacturers use the TRR (Target Row Refresh) mechanism, which blocks cell corruption in specific cases but does not protect against every attack variant. The most effective protection remains memory with error correction codes (ECC), which significantly complicates, but does not completely rule out, RowHammer attacks. Increasing the memory refresh rate can also reduce the likelihood of a successful attack.
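To make the mechanism described above and the refresh-rate mitigation concrete, here is an added toy model; it is not code from the researchers or from the linked toolkits. The cell parameters (tRC, refresh window, activations needed for a flip) are constructed, and the TRR model is a plain per-row activation counter that covers only the single-aggressor case.

```python
from dataclasses import dataclass, field
from typing import Optional

# Constructed, illustrative parameters; not measurements from the ZenHammer paper.
T_REFW_NS = 64_000_000  # DDR4 refresh window: every row is refreshed once per 64 ms
T_RC_NS = 45            # assumed minimum gap between two activations of the same row
HC_FIRST = 10_000       # assumed aggressor activations needed to flip a neighbouring cell


@dataclass
class DramBank:
    """Toy DRAM bank: each row's charge is counted in units of 'activations left'."""
    rows: int
    trr_threshold: Optional[int] = None  # None: no TRR; else activations before TRR acts
    charge: list = field(init=False)
    counters: dict = field(default_factory=dict)

    def __post_init__(self):
        self.refresh_all()

    def neighbours(self, row):
        return [n for n in (row - 1, row + 1) if 0 <= n < self.rows]

    def refresh_all(self):
        self.charge = [HC_FIRST] * self.rows
        self.counters.clear()

    def activate(self, row):
        for n in self.neighbours(row):
            self.charge[n] -= 1  # disturbance: each victim loses a little charge
        if self.trr_threshold is None:
            return
        self.counters[row] = self.counters.get(row, 0) + 1
        if self.counters[row] >= self.trr_threshold:  # TRR: refresh the victims early
            self.counters[row] = 0
            for n in self.neighbours(row):
                self.charge[n] = HC_FIRST


def hammer(bank, aggressor, refresh_window_ns=T_REFW_NS):
    """Activate one row as fast as tRC allows for one refresh window.
    Returns True if a neighbouring cell lost all its charge before the refresh."""
    victims = bank.neighbours(aggressor)
    for _ in range(refresh_window_ns // T_RC_NS):
        bank.activate(aggressor)
        if min(bank.charge[n] for n in victims) <= 0:
            return True
    bank.refresh_all()
    return False


def refresh_multiplier_needed():
    """Smallest factor by which the refresh rate must rise so that fewer than
    HC_FIRST activations fit into one window (the mitigation named above)."""
    m = 1
    while T_REFW_NS // (m * T_RC_NS) >= HC_FIRST:
        m += 1
    return m
```

Under these constructed numbers, merely doubling the refresh rate still leaves far more than HC_FIRST activations per window, which is why the model needs a multiplier in the hundreds before hammering a single row stops flipping its neighbours.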

AMD has published a report on the issue stating that AMD processors use memory controllers that comply with the DDR specifications, and that since the success of the attack depends primarily on system configuration and the DRAM itself, questions about resolving the issue should be directed to memory and system manufacturers. Existing ways to make RowHammer-class attacks more difficult include using ECC memory, increasing the memory refresh rate, disabling deferred refresh mode, and using processors whose controllers support MAC (Maximum Activate Count) for DDR4 (1st, 2nd and 3rd generation AMD EPYC "Naples", "Rome" and "Milan") and RFM (Refresh Management) for DDR5 (4th generation AMD EPYC).

Source: opennet.ru