March 25, 2024 at 12:11PM
ZenHammer is a variant of the Rowhammer DRAM attack specifically targeting AMD Zen CPUs and DDR4/DDR5 memory chips. Developed by researchers at ETH Zurich, it overcomes previous challenges for AMD chips and demonstrates successful bit flips in memory, posing a threat to data security and system privileges. Defenses involve software and firmware updates. Successful attacks require a deep understanding of software and hardware.
From the meeting notes:
– Academic researchers developed ZenHammer, the first variant of the Rowhammer DRAM attack that works on CPUs based on recent AMD Zen microarchitecture that map physical addresses on DDR4 and DDR5 memory chips.
– The ZenHammer attack was developed by researchers at ETH Zurich and challenges the previous notion that AMD Zen chips and DDR5 RAM modules were less vulnerable to Rowhammer.
– Rowhammer is a well-documented attack method that exploits a physical characteristic of modern DRAM to alter data by repeatedly accessing specific rows of memory cells through read/write operations to change bit values.
– The ZenHammer attack could induce bit flips with DDR4 devices on AMD Zen 2 and Zen 3 platforms. The attack was also successful with DDR5 chips on AMD’s Zen 4 microarchitectural platform but proved more challenging due to improved mitigations and higher refresh rates.
– Ultimately, the researchers were able to obtain root privileges in 10 successful attacks with an average time of 93 seconds on one of the Zen 3 test systems produced in Q4 2021.
In summary, the ZenHammer attack presents a significant security threat to AMD Zen CPUs and DDR4/DDR5 memory chips. The successful exploitation of this attack highlights the importance for AMD CPU users to apply software patches and firmware updates to defend against such threats. Additionally, utilizing hardware that has implemented specific mitigations against Rowhammer is recommended. It’s important to note that these attacks are complex and successful execution requires an attacker with a deep understanding of both software and hardware components.