Google Research Reveals Rowhammer Attacks Still Threaten DDR5 Memory Despite Industry Defenses

The security of modern DRAM memory remains an open question despite years of industry mitigation efforts. Google has backed academic research that exposes persistent vulnerabilities in DDR5 memory modules, revealing that sophisticated attackers may still be able to exploit the notorious Rowhammer vulnerability even after hardware vendors deployed protective measures like ECC and Target Row Refresh (TRR).

Rowhammer represents one of the most insidious hardware vulnerabilities in the computing ecosystem—a flaw baked into the physical architecture of DRAM chips themselves. By repeatedly accessing a specific row of memory, attackers can induce bit flips in adjacent rows, potentially corrupting data, escalating privileges, or triggering denial-of-service conditions. The vulnerability has prompted hardware vendors to implement countermeasures in newer memory generations. Yet Google's supported research demonstrates that these defenses may not withstand determined adversaries, raising urgent questions about the resilience of critical infrastructure dependent on DDR5 technology.

Google's investment in test platforms and academic collaboration has yielded more than theoretical concerns—the effort has uncovered new attack vectors and provided a deeper understanding of how Rowhammer manifests in current DRAM modules. The findings underscore a troubling reality for hardware security: mitigations designed to close one attack surface may leave others exposed, and the cat-and-mouse dynamic between attackers and defenders shows no sign of resolution. For organizations relying on DDR5 infrastructure, the research signals that hardware-level vulnerabilities demand continued scrutiny and layered defenses beyond vendor-supplied protections.