Secret Flaws of In-DRAM RowHammer Mitigations

Explore the secret flaws of in-DRAM RowHammer mitigations in this 48-minute conference talk from the Hack In The Box Security Conference. Delve into the vulnerability affecting DDR3 memory chips and its evolution into DDR4. Learn how researchers reverse-engineered the Target Row Refresh (TRR) mitigation concealed within DRAM chips using FPGA-based memory controllers. Discover the implementation details, various flavors of TRR, and why RowHammer remains a persistent threat. Gain insights into creating new hammering patterns and using the RowHammer fuzzer, TRRespass. Follow the speakers' journey through DRAM architecture, exploitation techniques, software defenses, and the challenges of reverse engineering hardware security measures. Understand the implications for hardware and software security, microarchitectural attacks, and side-channel exploitation in this comprehensive exploration of RowHammer vulnerabilities and mitigations.