Phoenix Rowhammer Attack Defeats DDR5 TRR: Root in 109 Seconds (CVE-2025-6202)

CyberSecureFox 🦊

Researchers from Google and the COMSEC group at ETH Zurich have disclosed Phoenix, a new Rowhammer technique that circumvents modern DDR5 defenses, including Target Row Refresh (TRR) implementations in SK Hynix modules. Tracked as CVE-2025-6202, Phoenix enabled root privilege escalation on a representative system in under 109 seconds, underscoring that Rowhammer remains a practical hardware threat despite generational DRAM improvements.

Rowhammer explained: why bit flips in DRAM still enable attacks

Rowhammer, first characterized in 2014, exploits the physical layout of DRAM. Rapidly activating specific memory rows can induce bit flips in adjacent rows due to charge leakage in densely packed cells. When these flips land in security-critical data structures, attackers can escalate privileges, tamper with binaries, or compromise cryptographic materials. Unlike software bugs, Rowhammer originates from hardware physics, making universal patches challenging once modules are shipped.

How Phoenix bypasses DDR5 TRR protections

TRR is designed to detect “hot” rows and proactively refresh neighbors to counter Rowhammer. The Phoenix team reverse-engineered SK Hynix DDR5 TRR behavior and identified refresh windows that are not fully monitored by the mitigation logic. By aligning hammering with DRAM’s internal timing and refresh cycles, Phoenix reliably triggers bit flips without tripping TRR.

The method tracks and synchronizes with thousands of refresh operations, automatically correcting for missed events. It orchestrates activations in specific “slots” and leverages refresh patterns across 128 and 2608 intervals to remain under TRR’s radar while accumulating sufficient disturbance to flip bits. These are high-level characteristics; the authors caution that operational success depends on precise timing rather than raw access frequency alone.

Experimental results and attack scenarios

Across a test pool of 15 DDR5 chips, all exhibited flips under at least one Phoenix pattern. The shorter 128-interval pattern generally produced more flips on average. In a default DDR5 configuration, the researchers obtained a root shell in 109 seconds.

Phoenix proved effective in several realistic scenarios. Targeting Page Table Entries (PTEs) yielded arbitrary read/write primitives across all tested modules. In a cryptographic test, modifying RSA‑2048 material in a virtual machine permitted SSH authentication compromise on 73% of DIMMs. In another experiment, altering the sudo binary led to local privilege escalation on 33% of modules. These outcomes align with earlier academic findings that protective schemes can be bypassed when timing-accurate hammer patterns are applied.

Scope of impact and affected hardware

While experiments focused on SK Hynix components (approximately 36% of the DRAM market), the authors emphasize that the Phoenix techniques are likely transferable to other vendors’ DDR5 designs. They consider DIMMs manufactured between January 2021 and December 2024 potentially vulnerable, reinforcing that Rowhammer is an industry-wide concern not fully addressed by current TRR heuristics.

Mitigation guidance for enterprises and cloud providers

Because Rowhammer stems from DRAM physics, there is no universal software fix for deployed modules. The researchers report that risk can be reduced by increasing the DRAM refresh rate—for example, reducing tREFI by roughly a factor of three compared to default. However, this may introduce instability, increase error rates, raise power consumption, and degrade performance.

Additional measures include enabling and correctly tuning ECC where supported, minimizing memory sharing between untrusted workloads, enforcing stronger page isolation at the OS/hypervisor level, and deploying guard (buffer) rows between tenants or security boundaries. For cloud and data center environments, recommended steps include batch testing DIMMs under Rowhammer stress, validating refresh parameters in BIOS/UEFI, and promptly applying microcode/firmware updates from vendors. The authors have released reproducibility materials (FPGA-based TRR experiments and PoC code), which will accelerate both defensive research and potential abuse—underscoring the need for monitoring and rapid response.
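The ECC and monitoring advice above is only useful if someone is actually watching the error counters. As an added example that is not from the researchers or this site, the script below polls the Linux EDAC sysfs tree (the real layout is `/sys/devices/system/edac/mc/mc*/dimm*/dimm_ce_count` and `dimm_ue_count`) and flags any uncorrectable error or a burst of correctable errors on a single DIMM between two polls, the kind of signal a Rowhammer-style disturbance leaves behind on ECC memory. The burst threshold and the sample counter values are assumptions constructed for an offline run.

```python
import tempfile
from pathlib import Path

# Assumed threshold: a jump of this many correctable errors on one DIMM within
# a single polling interval is treated as a burst worth investigating.
CE_BURST_THRESHOLD = 10
EDAC_ROOT = "/sys/devices/system/edac/mc"  # real Linux EDAC location


def read_counter(path):
    """Read one integer sysfs counter; missing or unreadable files count as 0."""
    try:
        return int(Path(path).read_text().strip())
    except (OSError, ValueError):
        return 0


def snapshot(edac_root):
    """Return {"mcN/<label>": (ce_count, ue_count)} for every DIMM under edac_root."""
    counts = {}
    for mc in sorted(Path(edac_root).glob("mc*")):
        for dimm in sorted(mc.glob("dimm*")):
            label_file = dimm / "dimm_label"
            label = label_file.read_text().strip() if label_file.exists() else dimm.name
            counts[f"{mc.name}/{label}"] = (read_counter(dimm / "dimm_ce_count"),
                                            read_counter(dimm / "dimm_ue_count"))
    return counts


def find_alerts(before, after, ce_threshold=CE_BURST_THRESHOLD):
    """Compare two snapshots; any new UE is reported, CE deltas only above the threshold."""
    alerts = []
    for key, (ce_now, ue_now) in after.items():
        ce_prev, ue_prev = before.get(key, (0, 0))
        if ue_now > ue_prev:
            alerts.append((key, "uncorrectable", ue_now - ue_prev))
        elif ce_now - ce_prev >= ce_threshold:
            alerts.append((key, "ce_burst", ce_now - ce_prev))
    return alerts


def build_fake_edac(root, dimms):
    """Write a constructed EDAC-style tree so the logic can be exercised offline."""
    for mc, dimm, label, ce, ue in dimms:
        d = Path(root) / mc / dimm
        d.mkdir(parents=True, exist_ok=True)
        (d / "dimm_label").write_text(label + "\n")
        (d / "dimm_ce_count").write_text(f"{ce}\n")
        (d / "dimm_ue_count").write_text(f"{ue}\n")


def demo():
    """Two constructed polls: DIMM_A0 takes a CE burst, DIMM_B0 logs one UE."""
    with tempfile.TemporaryDirectory() as root:
        build_fake_edac(root, [("mc0", "dimm0", "DIMM_A0", 3, 0), ("mc0", "dimm1", "DIMM_B0", 0, 0)])
        before = snapshot(root)
        build_fake_edac(root, [("mc0", "dimm0", "DIMM_A0", 41, 0), ("mc0", "dimm1", "DIMM_B0", 0, 1)])
        return find_alerts(before, snapshot(root))
```

On a live host, call `snapshot(EDAC_ROOT)` on a timer and feed consecutive results to `find_alerts`; an `edac_mc` kernel module must be loaded for the tree to exist.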

Phoenix demonstrates that even state-of-the-art DDR5 with TRR does not guarantee immunity from Rowhammer. Organizations should update threat models to include physically induced memory faults, review DRAM refresh settings, enable ECC where possible, and strengthen workload isolation. Close coordination with memory vendors, proactive validation in staging, and tracking JEDEC and supplier guidance on enhanced in-DRAM protections are prudent next steps to reduce exposure to CVE-2025-6202 and future variants.
