A team of researchers representing several universities has disclosed the details of RAMBleed, a new type of side-channel attack on dynamic random-access memory (DRAM) that can be used to obtain potentially sensitive data from a device’s memory.
Rowhammer attacks are possible because DRAM cells are packed ever more densely to increase capacity and shrink chip size. That makes electrical interference between neighbouring cells harder to prevent, and researchers have shown that repeatedly accessing (hammering) specific rows disturbs the charge in adjacent rows and can flip bits there.
Security researchers have previously demonstrated that these bit flips can be exploited for privilege escalation. Now, researchers from the University of Michigan, Graz University of Technology and the University of Adelaide have shown that an attacker with only unprivileged access can use Rowhammer to deduce the values of bits in neighbouring rows, including memory belonging to other processes and to the kernel.
Previous Rowhammer attacks used it as a write primitive: they depend on a persistent bit flip in the victim's memory, which error-correcting code (ECC) memory can detect and repair. RAMBleed instead uses Rowhammer as a read side channel. The flip does not have to persist, only to be observable, and a flip that ECC silently corrects can still be observed (for example, through the extra time the correction takes), so ECC memory does not stop the attack.
“Rowhammer induced bit flips are data dependent, i.e. a bit is more likely to flip when the bits above and below it have the opposite charge. This creates a data-dependent side channel, wherein an attacker can deduce the values of bits in nearby rows by observing bit flips in her own memory rows. Finally, as the data in nearby rows might belong to a different process, this leakage breaks the isolation boundaries enforced by the operating system,” the researchers explained.
“To exploit this effect, we developed novel memory massaging techniques to carefully place the victim’s secret data in the rows above and below the attacker’s memory row. This causes the bit flips in the attacker’s rows to depend on the values of the victim’s secret data. The attacker can then use Rowhammer to induce bit flips in her own memory, thereby leaking the victim’s secret data,” they added.
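The inference step described above, as an added illustration rather than code from the RAMBleed researchers: the DRAM, the pattern of "weak" cells and the ECC behaviour are all simulated, so the model runs on any machine. A real attack replaces the simulated parts with a double-sided hammering loop on actual DIMMs and with the memory-massaging step that lands the victim's pages above and below the attacker's row; the row size, weak-cell masks and secret value below are constructed for the example.

```c
/* Toy model of the RAMBleed read side channel (added illustration, not the
 * researchers' code). DRAM is NROWS rows of NBITS one-bit cells. Which cells
 * are weak, and in which direction they flip, is a property of the DIMM that
 * the attacker does not know in advance; here it is a constructed mask. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NROWS 8
#define NBITS 16

typedef struct {
    uint16_t row[NROWS];     /* cell contents, one bit per cell                  */
    uint16_t weak10[NROWS];  /* cells that flip 1->0 when both neighbours hold 0 */
    uint16_t weak01[NROWS];  /* cells that flip 0->1 when both neighbours hold 1 */
    uint16_t slow[NROWS];    /* ECC only: cells whose last read needed a repair  */
    bool ecc;                /* simulate an ECC DIMM that corrects single flips  */
} dram_t;

/* Simulated double-sided hammering of rows r-1 and r+1. A weak cell in row r
 * flips only when the cells directly above and below hold the opposite value,
 * which is the data dependence RAMBleed exploits. Without ECC the flip stays in
 * memory; with ECC the controller repairs it on the next read, but that read is
 * measurably slower, so the flip is not persistent yet still observable. */
static void hammer(dram_t *d, int r) {
    uint16_t cur = d->row[r], above = d->row[r - 1], below = d->row[r + 1];
    uint16_t candidates = (d->weak10[r] & cur) | (d->weak01[r] & (uint16_t)~cur);
    uint16_t flips = candidates & (above ^ cur) & (below ^ cur);
    if (d->ecc)
        d->slow[r] = flips;   /* corrected on read: latency side channel */
    else
        d->row[r] ^= flips;   /* persistent flip: visible by reading the row */
}

/* The attacker's observation after hammering her own row r, given the value
 * she wrote there beforehand: the set of cells that flipped. */
static uint16_t observe_flips(const dram_t *d, int r, uint16_t initial) {
    return d->ecc ? d->slow[r] : (uint16_t)(initial ^ d->row[r]);
}

/* Step 1, profiling: hammer attacker-owned rows filled with known data to learn
 * which cells of row r are weak and in which direction they flip. */
static void profile(dram_t *d, int r, uint16_t *w10, uint16_t *w01) {
    d->row[r - 1] = d->row[r + 1] = 0x0000; d->row[r] = 0xFFFF;
    hammer(d, r);
    *w10 = observe_flips(d, r, 0xFFFF);
    d->row[r - 1] = d->row[r + 1] = 0xFFFF; d->row[r] = 0x0000;
    hammer(d, r);
    *w01 = observe_flips(d, r, 0x0000);
}

/* Step 2, leaking: the victim's secret now sits in rows r-1 and r+1 (placed
 * there by memory massaging, simulated here by a direct write). The attacker
 * initialises each weak cell to the value it can flip away from, hammers, and
 * reads the secret off her own row: a weak cell flips exactly when the secret
 * bit next to it is the opposite value, so afterwards the cell mirrors that
 * bit. Returns the recovered bits; *known (if non-NULL) reports which cell
 * positions were readable at all. */
static uint16_t leak(dram_t *d, int r, uint16_t w10, uint16_t w01,
                     uint16_t secret, uint16_t *known) {
    uint16_t init = w10;                  /* 1 in 1->0 cells, 0 everywhere else */
    d->row[r] = init;
    d->row[r - 1] = d->row[r + 1] = secret;   /* simulated memory massaging */
    hammer(d, r);
    uint16_t flips = observe_flips(d, r, init);
    uint16_t readable = w10 | w01;
    if (known) *known = readable;
    return (uint16_t)(init ^ flips) & readable;
}

/* One simulated DIMM with a constructed pattern of weak cells in row 3. */
static dram_t make_dimm(bool ecc) {
    dram_t d;
    memset(&d, 0, sizeof d);
    d.ecc = ecc;
    d.weak10[3] = 0x5A3C;   /* constructed: cells that flip 1->0 */
    d.weak01[3] = 0x0181;   /* constructed: cells that flip 0->1 */
    return d;
}

/* Full run against the simulated DIMM: profile row 3, then leak `secret`. */
static uint16_t rambleed_demo(bool ecc, uint16_t secret, uint16_t *known) {
    dram_t d = make_dimm(ecc);
    uint16_t w10, w01;
    profile(&d, 3, &w10, &w01);
    return leak(&d, 3, w10, w01, secret, known);
}

int main(void) {
    uint16_t known, got = rambleed_demo(false, 0xBEEF, &known);
    printf("non-ECC: recovered 0x%04x at cells 0x%04x (secret bits there 0x%04x)\n",
           got, known, 0xBEEF & known);
    got = rambleed_demo(true, 0xBEEF, &known);
    printf("ECC:     recovered 0x%04x at cells 0x%04x (secret bits there 0x%04x)\n",
           got, known, 0xBEEF & known);
    return 0;
}
```

The model makes two simplifications that the paper has to deal with in practice: real weak cells flip probabilistically rather than deterministically, so measurements are repeated and the RSA key is reconstructed from a partial, noisy read, and only positions that happen to contain a weak cell can be read at all, which is why the weak-cell mask limits what the leak returns.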
The researchers demonstrated RAMBleed's impact by attacking OpenSSH and leaking a 2048-bit RSA key. Serious as that sounds, they stress that OpenSSH was merely a convenient target for the demonstration and is no more vulnerable than other software whose secrets sit in memory.
RAMBleed attacks work against devices that use DDR3 and DDR4 memory modules. “We suspect that many classes of computers are susceptible to RAMBleed,” the researchers said.
As for mitigations, the researchers recommend DDR4 memory with targeted row refresh (TRR) enabled. TRR does not fully block Rowhammer, but it makes the attack considerably harder to carry out in practice.
“Memory manufacturers can help mitigate this issue by more rigorously testing for faulty DIMMs. Furthermore, publicly documenting vendor specific TRR implementations will facilitate a stronger development process as security researchers probe such implementations for weaknesses,” said the researchers.
There is no evidence that RAMBleed has been exploited in the wild. The researchers note, however, that existing commercial security software is unlikely to detect this class of attack.
Oracle has released an advisory for RAMBleed and other vendors will likely do the same. Oracle says its servers and infrastructure are not impacted due to the use of mitigations such as TRR, and the company believes no additional software patches will be needed.