GPU-initiated 'Rowhammer' attack

Created on 3/May/2018

Security experts have recently identified a way to initiate a so-called 'Rowhammer' attack on DDR memory by using a malicious WebGL program. This vulnerability relies on high-precision timers in WebGL as well as an understanding of the target system's GPU cache architecture.

The so-called 'Rowhammer' vulnerability has been understood for several years and mitigations in the memory sub-system are effective. In common with other side-channel attacks, reducing timer precision or timer dithering within the web browser is a mitigation against the WebGL-based methodology. While systems/SoCs with Arm Mali GPUs are potentially vulnerable, we are not aware of any such exploitation, and believe that the memory structure and internal timing of Mali GPUs would make such an attack difficult to implement.

We will continue to work with the ecosystem on robust mitigations.
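
The following sketch illustrates the two browser-side mitigations named above, reduced timer precision and timer dithering. It is an added example, not code from Arm or from any browser; the 1 ms resolution, the seed, the hash mixer and the sample durations are assumptions chosen for illustration.

```javascript
// Added illustration of timer clamping and dithering; not code from any browser.
// Times are integer nanoseconds; RESOLUTION_NS and the sample durations are assumed.
const RESOLUTION_NS = 1000000; // assumed 1 ms reporting granularity

// Small 32-bit mixer standing in for the keyed hash a real implementation would use.
function mix32(x) {
  x = Math.imul(x ^ (x >>> 16), 0x45d9f3b);
  x = Math.imul(x ^ (x >>> 16), 0x45d9f3b);
  return (x ^ (x >>> 16)) >>> 0;
}

// Reduced precision: report only the start of the interval the true time falls in.
function clampTime(tNs, resNs = RESOLUTION_NS) {
  return Math.floor(tNs / resNs) * resNs;
}

// Dithering: every interval has a secret threshold at a pseudo-random offset.
// Below it the interval start is reported, at or above it the next interval start,
// so tick edges are not at predictable positions while output stays monotonic.
function ditherTime(tNs, seed, resNs = RESOLUTION_NS) {
  const k = Math.floor(tNs / resNs);
  const threshold = k * resNs + (mix32((k ^ seed) >>> 0) % resNs);
  return tNs < threshold ? k * resNs : (k + 1) * resNs;
}

// Elapsed time as a script would see it through a given timer function.
function observedDelta(startNs, durationNs, timer) {
  return timer(startNs + durationNs) - timer(startNs);
}

// Distinct values a script could observe for one true duration over many start times.
function observableDeltas(durationNs, timer, samples = 2000, strideNs = 7919) {
  const seen = new Set();
  for (let i = 0; i < samples; i++) {
    seen.add(observedDelta(i * strideNs, durationNs, timer));
  }
  return [...seen].sort((a, b) => a - b);
}

// Constructed sample: two operations whose true durations differ by 300 ns.
const FAST_NS = 100, SLOW_NS = 400, SEED = 0x5eed1234;
const dithered = (t) => ditherTime(t, SEED);
console.log(observedDelta(5000200, FAST_NS, clampTime)); // 0
console.log(observedDelta(5000200, SLOW_NS, clampTime)); // 0
console.log(observableDeltas(SLOW_NS, dithered));
```

With either timer, a sub-resolution duration is reported only as zero or one full tick, so a single reading no longer separates the fast case from the slow one.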