Geeks for your information Security Security Vendors Kaspersky Kaspersky Security Blog v
Phoenix: a Rowhammer attack vs. DDR5 memory
Phoenix: a Rowhammer attack vs. DDR5 memory
harlan4096 Online
MalWare Zoo Team
*******
Posts: 15,293
Threads: 9,899
Thanks Received: 9,175 in 7,327 posts
Thanks Given: 10,035
Joined: 12 September 18
#1
Bug  04 October 25, 08:18
Quote:Phoenix, a new variant of the Rowhammer attack, makes it possible to attack DDR5 memory modules.
 
In September 2025, researchers at ETH Zurich (the Swiss Federal Institute of Technology) published a paper introducing Phoenix, a modification of the Rowhammer attack that works on DDR5 memory modules. The authors not only demonstrated the new attack’s effectiveness against 15 tested modules, but also proposed three practical use cases: reading and writing data from memory, stealing a private encryption key stored in memory, and bypassing Linux’s sudo utility protections to escalate privileges.

The Rowhammer attack: a brief history

To understand this rather complex study, we need to first briefly revisit the history of Rowhammer. The Rowhammer attack was first described in a 2014 research paper. Back then, researchers from both Carnegie Mellon University and Intel showed how repeatedly accessing rows of memory cells could cause adjacent memory cells to change value. These neighboring cells could contain critical data — the alteration of which could have serious consequences (such as privilege escalation).

This happens because each cell in a memory chip is essentially a capacitor: a simple component that can hold an electrical charge for only a short time. That’s why such memory is volatile: turn off the computer or server, and the data disappears. For the same reason the charge in cells must be frequently refreshed — even if no one is accessing that memory region.

Memory cells aren’t isolated; they’re organized in rows and columns, interconnected in ways that can cause interference. Accessing one row can affect a neighboring row; for example, refreshing one row can corrupt data in another. For years, this effect was only known to memory manufacturers — who tried their best to mitigate it in order to improve reliability. But as cells became smaller and therefore packed more tightly together, the “row hammering” effect became exploitable in real-world attacks.

After the Rowhammer attack was demonstrated, memory developers began to introduce defenses, resulting in Target Row Refresh (TRR) hardware technology. In theory, TRR is simple: it monitors aggressive access to rows and, if detected, forcibly refreshes adjacent rows. In practice, it wasn’t so effective. In 2021, researchers described the Blacksmith attack, which bypassed TRR by using more sophisticated memory-cell access patterns.

Continue Reading...
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Wikipedia sees decline in human pageview...
Wikipedia has reve...harlan4096 — 11:30
Google announces end of many of its Priv...
When Google announ...harlan4096 — 11:29
Xubuntu's website was hacked to spread a...
Xubuntu's website ...harlan4096 — 07:19
EPIM PRO
NOTE Astonsoft ...jasonX — 18:32
PrivadoVPN - Secure Every Device with On...
PrivadoVPN - Secure ...jasonX — 17:45

[-]
Birthdays
Today's Birthdays
avatar (47)vikgoMam
Upcoming Birthdays
avatar (47)Michaelaceve
avatar (37)QuadirLigh
avatar (38)Mblippek
avatar (44)viecontAceve
avatar (40)Michaelcrini

[-]
Online Staff
There are no staff members currently online.

>