CVE-2020-10255

MITRE NVD CVE.ORG Print: PDF PDF

Summary

CVECVE-2020-10255
StatePUBLIC
Assigner[email protected]
Source PriorityCVE Program / NVD first with legacy fallback
Published2020-03-10 16:15:00 UTC
Updated2020-03-16 15:23:00 UTC
DescriptionModern DRAM chips (DDR4 and LPDDR4 after 2015) are affected by a vulnerability in deployment of internal mitigations against RowHammer attacks known as Target Row Refresh (TRR), aka the TRRespass issue. To exploit this vulnerability, the attacker needs to create certain access patterns to trigger bit flips on affected memory modules, aka a Many-sided RowHammer attack. This means that, even when chips advertised as RowHammer-free are used, attackers may still be able to conduct privilege-escalation attacks against the kernel, conduct privilege-escalation attacks against the Sudo binary, and achieve cross-tenant virtual-machine access by corrupting RSA keys. The issue affects chips produced by SK Hynix, Micron, and Samsung. NOTE: tracking DRAM supply-chain issues is not straightforward because a single product model from a single vendor may use DRAM chips from different manufacturers.

Risk And Classification

Problem Types: CWE-20

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Hardware Micron Ddr4 Sdram - All All All
Hardware Micron Ddr4 Sdram - All All All
Hardware Micron Lpddr4 - All All All
Hardware Micron Lpddr4 - All All All
Hardware Samsung Ddr4 - All All All
Hardware Samsung Ddr4 - All All All
Hardware Samsung Lpddr4 - All All All
Hardware Samsung Lpddr4 - All All All
Hardware Skhynix Ddr4 Sdram - All All All
Hardware Skhynix Ddr4 Sdram - All All All
Hardware Skhynix Lpddr4 - All All All
Hardware Skhynix Lpddr4 - All All All

References

ReferenceSourceLinkTags
VUSec on Twitter: "Remember #Rowhammer? Old variants won't work on recent DDR4 chips. Introducing #TRRespass, a Rowhammer fuzzer that finds new Many-Sided #Rowhammer patterns to bypass in-DRAM #TRR on "Rowhammer-free" DIMMs of all vendors. Coming soon: app to test your phone https://t.co/h4X7N69Rgs" MISC twitter.com Third Party Advisory
TRRespass - VUSec MISC www.vusec.net Third Party Advisory
Poor Rowhammer Fixes On DDR4 DRAM Chips Re-Enable Bit Flipping Attacks MISC thehackernews.com Third Party Advisory
Katelyn Gadd on Twitter: "I love that DRAM manufacturers apparently decided the solution for Rowhammer was "fix the most common version of it in a way that has an incredibly obvious workaround", and then released new hardware that was more vulnerable… https://t.co/phPO4KPJNm" MISC twitter.com Third Party Advisory
download.vusec.net/papers/trrespass_sp20.pdf MISC download.vusec.net Third Party Advisory
GitHub - vusec/trrespass: TRRespass MISC github.com Product
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis

Legacy QID Mappings

  • 375724 Lenovo Rowhammer DDR4 Vulnerability (LEN-31370)
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report