Rowhammer Strikes Back: New DDR5 Vulnerability Uncovered by Google and ETH Zurich
Google and ETH Zurich researchers have uncovered a new Rowhammer vulnerability in DDR5 memory, dubbed “Phoenix”. This attack, though complex and resource-intensive, can compromise data integrity. While DDR5 was thought to be more resistant, this discovery highlights ongoing security challenges in memory technology.
Hot Take:
DDR5 memory vulnerabilities are like glitter at a craft party – just when you think you’ve cleaned it all up, more of it appears in the most unexpected places. Google’s researchers and ETH Zurich have discovered a new “Phoenix” Rowhammer attack to remind us that your memory’s safety is only as good as the silicon it’s etched on. As if we didn’t have enough to worry about with our memory lapses, now we’ve got to worry about our computer’s memory too!
Key Points:
– Google and ETH Zurich researchers discovered a new Rowhammer vulnerability in DDR5 memory.
– The attack, dubbed “Phoenix,” remains computationally expensive but effective.
– Per-Row Activation Counting (PRAC) was supposed to mitigate such attacks but hasn’t been applied to DDR5.
– The discovered attack has been labeled CVE-2025-6202 with a 7.1 CVSS rating.
– AMD has already responded with a BIOS update to protect its systems.