Published:2020/03/12  Last Updated:2020/03/12

JVNVU#99239584
Rowhammer attacks for TRR equipped DDR4 memory systems

Overview

A research shows that Rowhammer attack is still possible against TRR (Target Row Refresh) equipped DDR4 memory systems.

Products Affected

  • TRR (Target Row Refresh) equipped DDR4 memory systems
The research group explains that they analyse internals of multiple DDR4 memory systems, and that verifying effectiveness of their attacking methods.

Description

Recent DDR4 memory systems are equipped with TRR (Target Row Refresh) as a mitigation to Rowhammer attack.
A research group analysed internals of several memory systems and published the findings:

  • there are variations for TRR implementation
  • Rowhammer attack can be still possible to TRR equipped memory systems, using memory access patterns adapting to each TRR implementation
They provide a fuzzer tool TRRespass too.

Impact

Rowhammer attack may be possible to TRR (Target Row Refresh) equipped memory systems.

Solution

JPCERT/CC is currently unaware of a practical solution to this problem.

Vendor Status

Vendor Status Last Update Vendor Notes
FUJITSU LIMITED Not Vulnerable, investigating 2020/03/12
Japan Digital Design, Inc Vulnerability Information Provided 2020/03/12
NEC Corporation Not Vulnerable, investigating 2020/03/12
RICOH COMPANY, LTD. Vulnerability Information Provided 2020/03/12
Sharp Corporation Vulnerability Information Provided 2020/03/12
Sony Corporation Vulnerability Information Provided 2020/03/12
SOURCENEXT CORPORATION Not Vulnerable 2020/03/12

References

  1. NCSC-NL
    NCSC-2020-0180: Kwetsbaarheid ontdekt in DDR4-geheugen (TRRespass)
  2. VUSec
    TRRESPASS
  3. VUSec
    GitHub - vusec/trrespass

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2020-10255
JVN iPedia

Update History

2020/03/12
SOURCENEXT CORPORATION update status