### TRRespass: Exploiting the Many Sides of Target Row Refresh

#### P. Frigo, E. Vannacci, H. Hassan, V. Van der Veen, O. Mutlu, C. Giuffrida, <u>H. Bos</u>, K. Razavi









Emanuele Vannacci



Pietro Frigo

# The rise and rise and rise of Rowhammer





















Don't know in advance which flips, but if it flips once, it will flip again

# **Rowhammer Evolution**

[10]



: RH across network

# Rowhammer Evolution



# Memory integrity is dead



### I am not worried

# server memory is much better!



# **Challenge Accepted**



Lucian Cojocar

# I flip bits in ECC memory!

### I win awards!





I am still not worried

# new memory is much better still!

# Target Row Refresh (TRR)

Track row activations: too many? $\rightarrow$  refresh victims Many possible implementations  $\rightarrow$  unknown





# **Reverse engineering**

#### Analysis from CPU not possible

#### FPGA-based memory controller



# **Reverse engineering**

### Analysis from CPU not possible

### FPGA-based memory controller

### **Discovered 3 things**

- sampler : keeps set of rows
- inhibitor : refreshes victims
- regret : about life choices



# We need different patterns!

Need to trick TRR into tracking wrong rows!



# **Many-sided Rowhammer**







Lawyers

Proxies

### National Cyber Security Center

Anonymous email

Rector

#### Vinod Subramaniam (rector)

#### Awesome

#### Read our paper. Twice.



# Rowhammer Evolution



### 2020 PWNIE AWARDS

### **TRRespass!**

#### **Reverse Engineering**



Best Paper Award IEEE Security & Privacy 2020 TRRespass effective on 13 out of 42 tested DIMMs

The DDR4 substrate is much more vulnerable! Bit flips with less activations compared to RH on DDR3 devices

TRR is not secure TRR can track a limited number of rows at the same time. Thus, victim rows are not refreshed



DDR4 devices are even more vulnerable than previous versions

All major vendors are affected

90% of the market

We can use fuzzing on DRAM!

After 10 years RH is still a problem

No immediate mitigation

