The first idea appeared at ISCA 2014. In that paper, the authors showed the phenomenon that, by repeatedly accessing one DRAM row, bits in nearby rows may be flipped.
In the DRAM architecture, each cell lies at the intersection of two perpendicular wires: a wordline and a bitline.
An access to a rank occurs in three steps: (i) “opening” the desired row within a desired bank, (ii) accessing the desired columns from the row-buffer, and (iii) “closing” the row.
Since the charge stored in a DRAM cell is not persistent, the cell needs to be refreshed after a period of time. On most architectures, the refresh window is 64 ms.
In general, disturbance errors occur whenever there is a strong enough interaction between two circuit components (e.g., capacitors, transistors, wires) that should be isolated from each other. Depending on which component interacts with which other component and also how they interact, many different modes of disturbance are possible.
Among them, the authors identify one particular disturbance mode that afflicts commodity DRAM chips from all three major manufacturers. When a wordline's voltage is toggled repeatedly, some cells in nearby rows leak charge at a much faster rate; such cells cannot retain their charge even for 64 ms.
Memory Fault Exploitation
The next problem is how to turn a memory fault into a successful exploit.
By corrupting the value of a pointer, a bit flip can produce a vulnerability similar to an out-of-bounds read/write.
A similar attack was proposed in an academic paper in 2003: bit flips induced by cosmic rays were used to attack a virtual machine.
In the work of M. Seaborn, two realistic exploits via bit flipping were proposed:
Native Client (NaCl) sandbox escape in Chrome
Bit flips make an instruction sequence unsafe.
Linux kernel privilege escalation
Privilege escalation in 7 easy steps
1. Allocate a large chunk of memory
2. Search for locations prone to flipping
3. Check whether they fall into the “right spot” in a PTE that allows the exploit
4. Return that particular area of memory to the operating system
5. Force OS to re-use the memory for PTEs by allocating massive quantities of address space
6. Cause the bit flip – shift the PTE to point into a page table
7. Abuse R/W access to all of physical memory
In practice, there are many complications.
In the original rowhammer attack, the attacker needs to use or generate native code, such as CLFLUSH, to repeatedly read a value from memory. However, in most RCE attack scenarios, attackers cannot run native code on the target machine. One way around this is to use a scripting language that the target already provides to achieve the same functionality.
Adaptive Cache Attack
The goal of the attack is to find a suitable eviction set and eviction strategy. An eviction strategy accesses addresses from an eviction set in a specific access pattern and can ideally be used as a replacement for clflush. An eviction set is commonly defined as a set of congruent addresses. The access pattern defines the order in which addresses from the eviction set are accessed, including multiple accesses per address.
The following access pattern shows an eviction strategy on the Haswell architecture:
Unlike the LRU (Least Recently Used) replacement strategy introduced in textbooks, Haswell uses a pseudo-LRU policy in its implementation. According to the authors' observations, the best eviction strategy is the one shown above. As a further step, the authors proposed an Adaptive Cache Attack that finds a dynamic eviction set and a dynamic eviction pattern.
The cached(p) function tries to evict using the current eviction set and decides, based on the access time, whether an access was cached or not.
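As an added illustration (not code from Rowhammer.js or any paper cited here), the following toy single-set simulator contrasts textbook LRU with a tree-PLRU policy, which is assumed here as a stand-in for the pseudo-LRU behaviour described above rather than a model of the actual Haswell policy. It shows why the textbook strategy does not carry over: one pass over the congruent addresses always evicts the target under LRU, but under tree-PLRU the outcome depends on the access order, and repeating the pass (multiple accesses per address, as the text notes) is what makes it reliable. Address labels are constructed.

```python
from collections import OrderedDict
WAYS = 8  # one 8-way cache set; "addresses" are constructed labels

class LRUSet:
    """Textbook LRU: on a miss, the least recently used line is the victim."""
    def __init__(self): self.lines = OrderedDict()     # oldest first
    def access(self, key):
        if key in self.lines:
            self.lines.move_to_end(key)                # hit: becomes most recent
            return True
        if len(self.lines) == WAYS:
            self.lines.popitem(last=False)             # miss on a full set: evict oldest
        self.lines[key] = None
        return False
    def contains(self, key): return key in self.lines

class TreePLRUSet:
    """Tree-PLRU: 7 bits form a binary tree over the 8 ways; each bit points to the
    subtree touched less recently (0 = left). An assumed stand-in, not a real CPU."""
    def __init__(self): self.ways, self.bits = [None] * WAYS, [0] * (WAYS - 1)
    def _touch(self, way):   # make every node on the root-to-leaf path point away from `way`
        node, lo, hi = 0, 0, WAYS
        while hi - lo > 1:
            mid = (lo + hi) // 2
            if way < mid: self.bits[node], node, hi = 1, 2 * node + 1, mid
            else:         self.bits[node], node, lo = 0, 2 * node + 2, mid
    def _victim(self):       # follow the bits from the root down to a leaf
        node, lo, hi = 0, 0, WAYS
        while hi - lo > 1:
            mid = (lo + hi) // 2
            if self.bits[node] == 0: node, hi = 2 * node + 1, mid
            else:                    node, lo = 2 * node + 2, mid
        return lo
    def access(self, key):
        if key in self.ways:
            self._touch(self.ways.index(key)); return True
        way = self.ways.index(None) if None in self.ways else self._victim()
        self.ways[way] = key
        self._touch(way)
        return False
    def contains(self, key): return key in self.ways

def target_evicted(cache_cls, pattern):
    """Fill one set with target T and congruent lines E1..E7, re-touch T (the victim
    code just used it), replay `pattern`, and report whether T got evicted."""
    c = cache_cls()
    for k in ["T"] + [f"E{i}" for i in range(1, WAYS)] + ["T"] + list(pattern):
        c.access(k)
    return not c.contains("T")
ONE_PASS = [f"E{i}" for i in range(WAYS - 1, 0, -1)] + ["E8"]  # E7..E1, then the uncached E8
```

With this fill order, `target_evicted(LRUSet, ONE_PASS)` is true while `target_evicted(TreePLRUSet, ONE_PASS)` is false; replaying `ONE_PASS * 2` evicts the target under both policies.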
M. Seaborn found, on all test machines, a significantly higher probability of bit flips in a row N when hammering its neighbouring rows N − 1 and N + 1. This technique is dubbed “double-sided hammering”.
The eviction sets are precomputed in f_evict and s_evict using the physical address mapping.
To quantify the advantage of the adaptive eviction strategy, the authors performed 12 million memory accesses to a fixed address that is supposed to be evicted each time. They compared eviction using the LRU eviction strategy, their adaptive eviction strategy, and for comparison.
code is almost the same. Thus, if a machine is vulnerable using native code implementation it is vulnerable using
References
Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors
Using Memory Errors to Attack a Virtual Machine
Exploiting the DRAM rowhammer bug to gain kernel privileges
Research report on using JIT to trigger RowHammer