During the 38c3 conference, a framework called Flippyram was introduced, aimed at verifying vulnerabilities that allow attacks of the Rowhammer class to manipulate the content of RAM. The tool, coded in C++, is open source and distributed under the MIT license. To simplify the testing process, a Live ISO image (1 GB) is available for booting via USB flash drive, along with a Docker container image for easier setup.
The objective of the Flippyram project is to engage users in a research study to gather statistics on how Rowhammer vulnerabilities manifest in everyday systems. Testing results can be submitted from the live distribution or manually uploaded to the research site.
The Rowhammer attack technique, proposed a decade ago, initiated a back-and-forth between security experts and hardware manufacturers to mitigate the vulnerability. Over the years, researchers have uncovered various ways to bypass memory chip defenses and exploit vulnerabilities on different systems, including DDR4 and DDR5 chips, AMD processor systems, ARM architecture, error correction methods, network-based attacks, and browser-based attacks through JavaScript execution.
The Rowhammer attack works by altering the contents of DRAM memory bits through repetitive data reads from neighboring cells. The fluctuation in voltage caused by continuous reads leads to anomalies that result in adjacent cells losing charge, potentially changing stored data. While chip manufacturers implemented the TRR (Target Row Refresh) mechanism to counter Rowhammer attacks, it does not cover all possible exploit scenarios.