March 26, 2024 at 11:00AM
Researchers at ETH Zürich have demonstrated that Rowhammer attacks can be conducted against DDR4 and DDR5 memory on AMD Zen 2 and Zen 3 systems, despite mitigation efforts. They have named this variant ZenHammer and disclosed their findings to AMD, which has published a security bulletin and provided mitigation recommendations. More research is needed for effective DDR5 countermeasures.
From the meeting notes, it is clear that researchers at the ETH Zürich university have demonstrated vulnerabilities in AMD Zen 2 and Zen 3 CPUs related to Rowhammer attacks on DDR4 and DDR5 memory. These attacks could potentially be used to bypass memory protections, escalate privileges, and decrypt sensitive data.
The researchers, who have named the attack ZenHammer, have reported their findings to AMD and have also published a technical paper on the attack. They have provided an open source ZenHammer fuzzer to check for bit flips on AMD Zen 2, 3, and 4 CPUs.
AMD has acknowledged the research, is investigating the claims, and has published a security bulletin with recommendations for mitigating Rowhammer-style attacks. They advise contacting DRAM or system manufacturers to determine susceptibility to this new variant of Rowhammer. They also stated that susceptibility to Rowhammer attacks varies based on the DRAM device, vendor, technology, and system settings.