"Google Reveals a New Rowhammer Attack"
Google recently released details regarding its discovery of a new Rowhammer vulnerability. The vulnerability dubbed "Half-Double" improves upon the attack style used against DRAM memory, first reported in 2014, suggesting that the Rowhammer problem will likely not go away anytime soon. The Rowhammer attack involves rapidly and repeatedly accessing data in one memory row on a RAM chip to trigger bit flips and create an electrical charge that changes data stored in other addresses in a nearby memory row on a chip. The attacking memory rows are called the aggressors, while the rows where bit flips occur are called victim rows. Since the discovery of the first Rowhammer attack, researchers have shown many ways in which the technique can be used to change data stored on RAM cards, including DDR3 and DDR4 generations. The Rowhammer attack was initially limited to scenarios where a threat actor had physical access to the target, but researchers have proven that the attack could be executed over the web remotely and used to gain control over Linux virtual machines in the cloud. Google Project Zero (GPZ) researchers explained that the attack works because DRAM cells are becoming increasingly smaller and close together, making it more difficult to prevent the cells from interacting electrically with each other. According to Google, the Half-Double attack technique takes advantage of the worsening physics of some of the newer DRAM chips to alter memory contents. This article continues to discuss the original Rowhammer attack and how the Half-Double technique expands it.