# RowHammer and Beyond

**Authors:** Onur Mutlu

arXiv: 1903.11056 · 2019-03-28

## TL;DR

This paper discusses the RowHammer vulnerability in DRAM, a hardware failure mechanism that can be exploited for system security breaches, and explores potential solutions and similar issues in other memory technologies.

## Contribution

It provides an analysis of the root causes of RowHammer, reviews exploitation techniques, and discusses future challenges in memory reliability and security.

## Key findings

- RowHammer can be exploited to gain kernel privileges
- Remote attacks exploiting RowHammer have been demonstrated
- Memory scaling may introduce new security vulnerabilities

## Abstract

We will discuss the RowHammer problem in DRAM, which is a prime (and likely the first) example of how a circuit-level failure mechanism in Dynamic Random Access Memory (DRAM) can cause a practical and widespread system security vulnerability. RowHammer is the phenomenon that repeatedly accessing a row in a modern DRAM chip predictably causes errors in physically-adjacent rows. It is caused by a hardware failure mechanism called read disturb errors. Building on our initial fundamental work that appeared at ISCA 2014, Google Project Zero demonstrated that this hardware phenomenon can be exploited by user-level programs to gain kernel privileges. Many other recent works demonstrated other attacks exploiting RowHammer, including remote takeover of a server vulnerable to RowHammer. We will analyze the root causes of the problem and examine solution directions. We will also discuss what other problems may be lurking in DRAM and other types of memories, e.g., NAND flash and Phase Change Memory, which can potentially threaten the foundations of reliable and secure systems, as the memory technologies scale to higher densities.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1903.11056/full.md

## References

111 references — full list in the complete paper: https://tomesphere.com/paper/1903.11056/full.md

---
Source: https://tomesphere.com/paper/1903.11056