SSD Drives Vulnerable to Attacks That Corrupt User Data

Published by

teaser

New research describes two vulnerabilities that could affect SSD drives utilizing MLC technology: "program interference" and "read disturb." In the first, an attacker can corrupt data or reduce the lifespan of a drive by writing data with a certain pattern: specifically, the data pattern makes an MLC's programming logic cause 4.9 more errors than usual. 



For the second type of attack, exploit code can force an SSD to perform a large number of writes in a short period of time, which also results in data corruption and degradation of the drive's storage abilities. I'm going to assume these attacks are more complicated than described, since SSDs can stand up pretty well even when atypical amounts of data are being written, reports bleeping computer.

The first of these attacks, which they named a "program interference," takes place when an attacker manages to write data with a certain pattern to a target's SSD.

The exploit's data pattern causes the MLC's programming logic to cause 4.9 more errors than usual, which comes with the side-effect of triggering interference in neighboring NAND flash memory cells.

The side-effects are that an attacker can corrupt local data, or even shorten an SSD's lifetime, if he can cause repeated interference. This is because an SSD's lifetime is defined by the number of finite read-write operations it can perform on its flash memory chips before they lose their ability to remain charged between reboots.

This type of interference attack is similar to the Rowhammer attack on classic RAM memory chips, where an attacker bombards a row of RAM memory cells in repeated read-write operations, causing electrical interference that flips the bits of nearby cells.

The second vulnerability researchers discovered in the programming logic of NAND flash memory chips is what they called a "read disturb."

In this attack scenario, an attacker's exploit code causes the SSD to perform a large number of read operations in a very short time, which causes a phenomenon of "read disturb errors."

Researchers say these read disturb errors will "corrupt both pages already written to partially-programmed wordlines and pages that have yet to be written," ruining the SSD's ability to store data in a reliable manner in the future.

More details about this research are available in the paper entitled Vulnerabilities in MLC NAND Flash Memory Programming: Experimental Analysis, Exploits, and Mitigation Techniques, authored by six researchers from Carnegie Mellon University, Seagate, and the Swiss Federal Institute of Technology in Zurich.

Their work was showcased at the proceedings of the 23rd International Symposium on High-Performance Computer Architecture (HPCA) Industrial Session, held in Austin, Texas, this past February.

SSD Drives Vulnerable to Attacks That Corrupt User Data


Share this content
Twitter Facebook Reddit WhatsApp Email Print