‘RAMBleed’ Rowhammer attack can now steal data, not just alter it
A team of academics from the US, Austria, and Australia, has published new research today detailing yet another variation of the Rowhammer attack.
The novelty in this new Rowhammer variety — which the research team has named RAMBleed — is that it can be used to steal information from a targeted device, as opposed to altering existing data or to elevate an attacker’s privileges, like all previous Rowhammer attacks, have done in the past.
What is Rowhammer?
For readers unfamiliar with the term “Rowhammer,” this is the name of a class of exploits that takes advantage of a hardware design flaw in modern memory cards (also known as RAM).
By default, a memory card stores data inside storage cells, which are arranged on the RAM’s actual silicon chip in rows, in the form of a grid.
Back in 2014, academics found that by reading data stored on one row repeatedly, over and over again, they could create an electrical charge that would alter data stored in nearby memory rows.
By coordinating these repeated read operations, in an operation named row hammering, they could either cause data corruption or manipulate data in malicious ways.
Throughout the years, academics greatly expanded the methods and exploitation scenarios of the original Rowhammer research, taking a crazy experiment and showing how the technique could be used in the real world:
New RAMBleed attack
But in a research paper published today, academics unveiled RAMBleed, the first Rowhammer attack that can actively deduce and steal data from a RAM card.
To do this, researchers had to come up and combine different techniques, which, when assembled, would permit a RAMBleed attack to take place. This included:
- Researchers found a way to abuse the Linux buddy allocator to allocate a large block of consecutive physical addresses memory on which they could orchestrate their attack.
- Researchers designed a new mechanism, which they called “Frame Feng Shui,” for placing victim program pages at a desired location on the physical memory.
- Researchers developed a new method of arranging data in memory and hammering memory rows to infer what data is located in nearby memory cells, rather than just produce a bit flip from 0 to 1, and vice versa.
As shown in the image above, a RAMBleed attack happens when the attacker hammers rows A0 and A2 and reads the bit flips (modifications) on row A1, near the “secret” blocks, in the “sampling area.”
The idea is that by carefully arranging data inside RAM in a format the attacker wants and knows, the attacker can read bit flips in an area adjacent to the “secret” data it wants to steal.
By combining these novel techniques, researchers said they were able to steal an RSA key from an OpenSSH server in a demo Linux environment.
ECC doesn’t stop RAMBleed attacks
Furthermore, modern RAM cards that use ECC protections don’t stop RAMBleed attacks. ECC memory, which works by reversing rogue Rowhammer-induced bit flips back to their original states, does not protect data integrity, but merely corrects it.
“RAMBleed does not necessarily require the attacker to read the bit to determine if it has flipped. Instead, all the attacker requires for mounting RAMBleed is an indication that a bit in the sampling page has flipped (and subsequently corrected),” academics said.
“[T]he synchronous nature of the ECC correction algorithm typically exposes such information through a timing channel, where memory accesses that require error correction are measurably slower than normal accesses.”
This allows academics/attackers to know what memory bits have been corrected, and deduce the value they’ve been corrected from/to — making the RAMBleed attack possible.
The academic team said it notified Intel, AMD, OpenSSH, Microsoft, Apple, and Red Hat about their findings.
More details about the RAMBleed attack — tracked as CVE-2019-0174 — are available in a research paper entitled “RAMBleed: Reading Bits in Memory WithoutAccessing Them.”