A new ZenHammer attack is targeting more AMD CPUs

RowHammer, say hello to ZenHammer, your not-so-distant cousin

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

The infamous Rowhammer DRAM attack can now be pulled off on someAMDCPUs as well, academic researchers from ETH Zurich have proved.

As reported byBleepingComputer, the researchers dubbed the attack ZenHammer, after cracking the complex, non-linear DRAM addressing functions in AMD platforms.

For the uninitiated, the Rowhammer DRAM attack revolves around changing data in Dynamic Random Access-Memory (DRAM), by repeatedly “hammering”, or accessing, specific rows of memory cells. Memory cells keep information as electric charges. These charges determine the value of the bits, which can either be a 0, or a 1. As the density of the memory cells in today’s chips is fairly big, “hammering” can alter the state in adjacent rows, or “flip” the bit. By flipping specific bits, the attackers can pull cryptographic keys, or othersensitive data, BleepingComputer explained.

Purely theoretical?

Purely theoretical?

This means that AMD has joinedIntelandARMCPUs who were already known to be vulnerable to hammering attacks.

The researchers tested their theory on different platforms. For AMD Zen 2, they were successful 70% of the time. For AMD Zen 3, 60%. For AMD Zen 4, however, they were only successful 10% of the time, suggesting that “the changes in DDR5 such as improved Rowhammer mitigations, on-die error correction code (ECC), and a higher refresh rate (32 ms) make it harder to trigger bit flips."

While usually academic research is purely theoretical, the researchers said this attack could be pulled off in the real world, too. They simulated successful attacks targeting the system’s security, and manipulating page table entries for unauthorized memory access.

Those fearing ZenHammer, it’s important to stress that these types of attacks are quite difficult to pull off. What’s more, there are patches and mitigations. Earlier this week, AMD released a security advisory with mitigation options.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new malware utilizes a rare programming language to evade traditional detection methods

A new form of macOS malware is being used by devious North Korean hackers

Arcane season 2 confirms the hit series isn’t just one of the best Netflix shows ever made – it’s an animated legend that’ll stand the test of time