
Corporate Security Blog

TRRespass

Eric Maurice
Director of Security Assurance

On March 10th, 2020, security researchers published a paper titled “TRRespass: Exploiting the Many Sides of Target Row Refresh”.  This paper describes a new kind of attack against certain DDR4 Dynamic Random Access Memory (DRAM) modules which were previously thought to be immune to Rowhammer-style attacks.

Rowhammer issues result from unintended interactions between memory cells that are physically close together.  These issues were first identified with DDR3 DIMM memory modules, and the initial mitigations focused on the use of increased memory refresh rates.  Starting with DDR4, however, DRAM suppliers embedded Rowhammer protection known as Targeted Row Refresh (TRR) inside the DRAM modules.

The March 10th paper describes variations of the original Rowhammer exploit, which can bypass the TRR defenses in some DDR4 DIMMs.  The researchers have reported that the applicability of these techniques varies according to the DRAM design and manufacturing process.  Note, however, that Rowhammer-derived attacks would require an attacker to have the ability to execute malicious code locally on the targeted machines.

At this point in time, Oracle has determined that:

  • Error Correction Code (ECC) and/or increased DIMM refresh rates in affected memory modules may make the TRRespass technique more difficult to use. 
  • Oracle X5, X6, X7, X8, E1, E2 series and Oracle SPARC S7, T7, T8, M7, M8 series servers use DDR4 DIMMs along with ECC. 
  • Older Oracle servers using DDR3 memory also use ECC and other Rowhammer mitigations (pseudo-TRR or increased DIMM refresh rates).

Oracle is performing additional security testing using the new TRRespass technique.  At this point in time, Oracle has not determined that this technique can be exploited against Oracle SPARC servers or Oracle x86 servers, including those used in Oracle Cloud Infrastructure and Oracle Exadata Engineered systems.

It is important to remember that any Rowhammer or derivative attack, such as the new TRRespass technique, requires that an attacker be able to locally execute malicious code against the targeted system.  Therefore, Oracle recommends that customers follow good security practices, including maintaining least privilege principles and keeping operating system software and firmware up to date.

Oracle will continue to investigate these issues and will provide, as needed, updated information to customers on My Oracle Support.  For more information about Oracle Corporate Security Practices, see https://www.oracle.com/corporate/security-practices/