Mitigations: One limitation of the attack is that it only works on AMD CPUs, as Intel CPUs also include additional pTRR mitigations that would need to be bypassed, and no technique has been developed so far to bypass the in-CPU pTRR mitigations.One potential mitigation in existing modules is to triple the refresh rate, the researchers found, but this would degrade performance by introducing an 8.4% overhead. Also, while this would mitigate existing Phoenix row-hammering patterns, there’s no guarantee others couldn’t be found to bypass the faster refresh rate.AMD also reportedly released a BIOS update for its CPUs that changes the memory controller’s refresh mode to Fine-Granularity Refresh (FGR), increasing the refresh rate and reducing the time dedicated to each refresh command. The research team did not get to test whether this stops Phoenix, but they do not believe this change will provide strong protection.”We strongly recommend against deploying yet another obscure mitigation without a rigorous security analysis in future devices,” the researchers concluded. “Instead, the DRAM vendors must deploy TRR mitigations with principled guarantees. The new Per Row Activation Counting specification provides a possibility for implementing such principled mitigations inside DRAM.”
First seen on csoonline.com
Jump to article: www.csoonline.com/article/4059680/new-rowhammer-technique-against-ddr5-achieves-privilege-escalation.html
