IBM researchers: Rowhammer-like attack on flash memory can provide root privileges to attacker

The way NAND flash memory used in Solid State Disks (SSDs) works, makes it possible for an attacker with write access to get root privileges on a system, researchers from IBM demonstrated during the WOOT ’17 conference currently held in Vancouver. The method they’ve demonstrated works similar to that of the ‘Rowhammer’ DRAM attack.

IBM researchers: Rowhammer-like attack on flash memory can provide root privileges to attacker

Rowhammer is a vulnerability in DRAM memory that allows an attacker to manipulate memory without accessing it. By repeatedly accessing a specific memory location somewhere in memory a bit can unintendedly ‘flip’, meaning that a ‘1’ can flip to a ‘0’ or vice versa. By flipping bits it’s eventually possible to get read and write access to all physical memory after which it’s possible to get kernel privileges.

The Rowhammer attack was already demonstrated in 2015 and researchers from IBM were curious to find out whether a similar attack was also possible against SSD drives with MLC NAND flash memory.

“DRAM is not the only place that holds sensitive data that is essential to the correct working of security primitives implemented in software,” the researchers write in their report. Also through the filesystem used by the operating system it’s possible to gain access to sensitive data. In their tests the researchers used the ext3 filesystem on Linux.

However also other software could be a threat, according to the researchers, “any program (in the broad sense) that accesses the SSD, directly or indirectly, is potentially a target for non physical integrity attacks on SSDs.”

In their scenario, the researchers assume that the victim runs a filesystem on a SSD disk that consists of MLC NAND flash memory. They also assume that the attacker has ‘unprivileged’ rights ( i.e non root) to the system and that corruption of the underlying Flash media is possible The attacker doesn’t need to have physical access to the system, it could also be a server with shell access.

Just like with the Rowhammer attack on DRAM memory, NAND flash chips of SSDs can be manipulated in a similar way which allows an attacker to elevate his rights on the system. To protect against the attack, a SSD can be encrypted. In the future the attackers hope to demonstrate a full system attack.

Several hardware manufacturers such as Google and Apple released updates for their devices in response to the Rowhammer attack. It’s unclear whether the IBM researchers informed hardware manufacturers about their attack on SSDs.

Full report here (.PDF) | via

Update: Our reporting was incorrect, here is a comment from the author of the report:  “Author here, I would like to set the record straight.We do not claim to have an attack on SSDs. The journalist seems to have misunderstood and not read the paper. The attack demonstrated is not on an FPGA or SSD. The main point this paper makes and demonstrates is that if you can cause corruption of a full block (i.e., completely garble contents of a chosen block), then you can elevate privileges (with some assumptions, like using ext3). Note that this result does not depend on whether you are using an SSD, a disk, or any other storage for your filesystem.”