Security News > 2021 > May > Half-Double: Google Researchers Find New Rowhammer Attack Technique
A team of researchers from Google has identified a new Rowhammer attack technique that works against recent generations of dynamic random-access memory chips.
The new attack method disclosed this week by Google, which researchers have dubbed "Half-Double," shows that the effects of Rowhammer can extend beyond immediate neighbors, thus bypassing some of the existing defenses.
"Given three consecutive rows A, B, and C, we were able to attack C by directing a very large number of accesses to A, along with just a handful to B. Based on our experiments, accesses to B have a non-linear gating effect, in which they appear to 'transport' the Rowhammer effect of A onto C," the Google researchers explained.
The researchers said the Half-Double attack works against newer generation DRAM chips, but it does not work against older ones, which suggests that the shrinkage of memory cell geometries makes Rowhammer attacks "Stronger and longer-ranged." They also noted that it may be possible to launch attacks that work over distances greater than two rows.
Google has been working with JEDEC and others to come up with mitigations for Rowhammer attacks.
"We are disclosing this work because we believe that it significantly advances the understanding of the Rowhammer phenomenon, and that it will help both researchers and industry partners to work together, to develop lasting solutions. The challenge is substantial and the ramifications are industry-wide," Google researchers said.
News URL
Related news
- Researchers Highlight Google's Gemini AI Susceptibility to LLM Threats (source)
- New ZenHammer Attack Bypasses RowHammer Defenses on AMD CPUs (source)
- Google Chrome Beta Tests New DBSC Protection Against Cookie-Stealing Attacks (source)
- Google Chrome Adds V8 Sandbox - A New Defense Against Browser Attacks (source)
- Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike (source)
- Researchers unveil novel attack methods targeting Intel’s conditional branch predictor (source)