Bug 2023777 (CVE-2021-42114)

Summary: CVE-2021-42114 hw: dram: new non-uniform circumvent TRR to induce bit flips via Rowhammer
Product: [Other] Security Response
Reporter: Alex <allarkin>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED NOTABUG
Severity: high
Priority: high
Version: unspecified
CC: acaringi, adscvr, airlied, alciregi, bhu, brdeoliv, bskeggs, dhoward, dvlasenk, fhrbata, hdegoede, hkrzesin, jarod, jarodwilson, jeremy, jforbes, jglisse, jonathan, josef, jshortt, jstancek, jwboyer, kcarcia, kernel-maint, kernel-mgr, lgoncalv, linville, masami256, mchehab, nmurray, ptalbert, rvrbovsk, steved, walters
Keywords: Security
Hardware: All
OS: Linux
Doc Text:
A Rowhammer flaw was found in the latest DDR4 DRAM hardware chips. This flaw differs from the previously known attack (CVE-2020-10255) in its use of non-uniform patterns of memory access. These DDR4 DRAM hardware chips implement a Target Row Refresh (TRR) mitigation to prevent Rowhammer-induced bit corruption across memory space. This flaw allows an unprivileged system user to use Rowhammer attack variants to induce bit corruptions across memory space, potentially resulting in denial of service or privilege escalation scenarios. With the currently known attack scenarios, the highest threat from this vulnerability is to system availability.
Last Closed: 2021-11-16 15:00:40 UTC
Bug Blocks: 2023634

Description Alex 2021-11-16 14:29:24 UTC
A flaw was found in the way the latest DDR4 DRAM chips implement the Target Row Refresh (TRR) mitigation to prevent Rowhammer-induced bit flips across memory space. An unprivileged system user may leverage this flaw and use Rowhammer attack variants to induce bit corruptions across memory space, potentially resulting in DoS or privilege escalation scenarios.
This type of attack differs from the previously known ones (e.g. CVE-2020-10255) by its non-uniform patterns of memory access, meaning that some patterns of memory access possibly allow bypassing the current TRR defense of modern DDR4 chips.

Comment 1 Product Security DevOps Team 2021-11-16 15:00:37 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-42114