redhatcve | Redhat.com | RH:CVE-2021-42114
Nov 16, 2021 - 2:44 p.m.

CVE-2021-42114

2021-11-16 14:44:48
redhat.com
access.redhat.com

CVSS3: 9 High

Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CVSS2: 9.3 High

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS: 0.002 Low
Percentile: 54.7%

A Rowhammer flaw was found in the latest DDR4 DRAM hardware chips. This flaw differs from the previously known attack (CVE-2020-10255) in its use of non-uniform memory access patterns. These DDR4 DRAM hardware chips implement a Target Row Refresh (TRR) mitigation intended to prevent Rowhammer-induced bit corruption across memory space. This flaw allows an unprivileged system user to use Rowhammer attack variants to induce bit corruptions across memory space, potentially resulting in denial of service or privilege escalation. With the currently known attack scenarios, the highest threat from this vulnerability is to system availability.

Mitigation

Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. One possible (but impractical) mitigation is to check whether the hardware is vulnerable using the existing reproducer, Blacksmith, and, if it is, to use software such as ARMOR or ANVIL (currently available only as prototypes) to prevent attacks. The other possible mitigation is to prevent high CPU (or high memory or high network) usage, because the currently known fuzzer requires very high-speed memory access for a reasonable period of time.
