Bug 2023777 (CVE-2021-42114) - CVE-2021-42114 hw: dram: new non-uniform circumvent TRR to induce bit flips via Rowhammer
Summary: CVE-2021-42114 hw: dram: new non-uniform circumvent TRR to induce bit flips v...
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2021-42114
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 2023634
TreeView+ depends on / blocked
 
Reported: 2021-11-16 14:29 UTC by Alex
Modified: 2021-11-25 19:15 UTC (History)
34 users (show)

Fixed In Version:
Doc Type: ---
Doc Text:
A Rowhammer flaw was found in the latest DDR4 DRAM hardware chips. This flaw is different from the previously known attack (CVE-2020-10255) by non-uniform patterns of memory access. These DDR4 DRAM hardware chips implement a Target Row Refresh (TRR) mitigation to prevent a Rowhammer flaw-induced bit corruption across memory space. This flaw allows an unprivileged system user to use Rowhammer attack variants to induce bit corruptions across memory space, potentially resulting in a denial of service or privileges escalation scenarios. With the currently known attack scenarios, the highest threat from this vulnerability is to system availability.
Clone Of:
Environment:
Last Closed: 2021-11-16 15:00:40 UTC
Embargoed:

Attachments (Terms of Use)

Description Alex 2021-11-16 14:29:24 UTC 
A flaw was found in the way latest DDR4 DRAM chips implement Target Row Refresh (TRR) mitigation to prevent Rowhammer induced bit flips across memory space. An unprivileged system user may leverage this flaw and use Rowhammer attack variants to induce bit corruptions across memory space, potentially resulting in DoS OR privileges escalation scenarios.
This type of attack is different from the previously known (ex. CVE-2020-10255) by non-uniform patterns of memory access: means some patterns of memory access possibly allows to bypass current TRR defense of modern DDR4 chips.
Comment 1 Product Security DevOps Team 2021-11-16 15:00:37 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-42114
Note You need to log in before you can comment on or make changes to this bug.