Rowhammer RAM attack adapted to hit flash storage

Project Zero's two-year-old dog learns a new trick

By Richard Chirgwin


It's Rowhammer, Jim, but not as we know it: IBM boffins have taken the DRAM-bit-flipping-as-attack-vector trick found by Google and applied it to MLC NAND Flash.

Google's Project Zero found Rowhammer in 2015, when they demonstrated that careful RAM bit-flipping in page table entries could let an attacker pwn Linux systems.

Since the bug upsets the operating system by attacking memory rather than looking for developers' errors, it's potent even if it's limited to types of memory that aren't protected by error checks (such as ECC in newer RAM).

Ever since Project Zero's initial result, boffins have looked for other vectors or other victims (for example, it was turned into an Android root attack in 2016).

Enter a group of boffins from IBM Research Zurich, who plan to demo a Rowhammer attack on MLC NAND flash after explaining it at this week's Usenix-organised W00T17 conference in Vancouver.

Scary? Yes, but there's a couple of slivers of good news: it's a local rather than a remote attack, and the researchers constrained themselves to a filesystem-level attack rather than a full-system attack.

The bad news is that Rowhammer-for-NAND can work at lower precision than its ancestor: while the original Google research worked by flipping single bits, “ the attack primitive an attacker can obtain from MLC NAND flash weaknesses is a coarse granularity corruption”.

In other words, their “weaker attack primitive … is nevertheless sufficient to mount a local privilege escalation attack”.

To get that far, the research explain in this paper [PDF], an attack has to beat protections at all layers from the Flash chip up to the operating system:

  • Cell-to-cell interference protections on the chip.
  • The Flash controller's scrambling and error correction codes, that are designed to increase device reliability;
  • Wear-levelling and block placement algorithms in the SSD controller make memory placement less predictable, from the attacker's point of view;
  • Filesystem protections like caching and error detection have to be bypassed.

Only then does the attacker get to present their payload.

A successful privilege escalation is shown in the video below:

In a Linux ext3 filesystem formatted in 4 KB block sizes, an attacker who can create a 100 GB file has a 99.7 per cent chance of a successful exploit, the researchers note.

The particular characteristic of Linux that make the attack possible is the inode, which stores the attributes and (importantly for this attack) disk block locations of an object's data: “An indirect block is written (by the kernel filesystem driver) as soon as a file becomes larger than 12 blocks in size: this write is therefore very easy to time and trigger for the attacker.”

While they only went as far as writing a local exploit, the authors note that remote attack scenarios are feasible, through something like Javascript in a browser:

“Because browsers do allow writes and reads to the filesystem (albeit indirectly), through web content local caching, cookies, or use of the HTML5 storage API, it may be feasible to extend the attack vector presented here to remote attacks”.

The best defence, they note, is disk encryption with something like dm-crypt. ®

Sign up to our NewsletterGet IT in your inbox daily


More from The Register

Epyc fail? We can defeat AMD's virtual machine encryption, say boffins

Updated Evil hypervisors can lift plaintext info out of ciphered memory, it is claimed

Google Assistant clears its throat, very weird 'machine IQ' tests, new AMD chip – plus more

AI Roundup DeepMind reminded neural net dev work is expensive

Machine learning library TensorFlow can count to potato... I mean, 1.7

Former Google Brain project is Eager to eat your GPU

It gets worse: Microsoft’s Spectre-fixer wrecks some AMD PCs

Updated KB4056892 is not your friend if you run an Athlon

Cohesity touts instant gratification for cloud-surfing virtual machines

Let us pour you some of this CloudSpin juice, upstart says

Microsoft, Google: We've found a fourth data-leaking Meltdown-Spectre CPU hole

Design blunder exists in Intel, AMD, Arm, Power processors

Airbus ditches Microsoft, flies off to Google

Exclusive 130,000 staffers moving out of Office

Washing machine AI? You'll thank AWS, Microsoft, Google (eventually)

The scramble for space driving the commodity race

Cisco turns to AMD Epyc for the first time in new UCS model

Four-in-a-box servers Are Not Blades. They're a scale-out-and-up density play, geddit?

HPE straps AMD chip into 2P/2U server box with Epyc results

DL385 blasts SPEC benchmark