CWE-1246: Improper Write Handling in Limited-write Non-Volatile Memories
Description
The product does not implement or incorrectly implements wear leveling operations in limited-write non-volatile memories.
Submission Date :
Feb. 10, 2020, midnight
Modification Date :
2023-06-29 00:00:00+00:00
Organization :
Intel Corporation
Extended Description
Non-volatile memories such as NAND Flash, EEPROM, etc. have individually erasable segments, each of which can be put through a limited number of program/erase or write cycles. For example, the device can only endure a limited number of writes, after which the device becomes unreliable. In order to wear out the cells in a uniform manner, non-volatile memory and storage products based on the above-mentioned technologies implement a technique called wear leveling. Once a set threshold is reached, wear leveling maps writes of a logical block to a different physical block. This prevents a single physical block from prematurely failing due to a high concentration of writes. If wear leveling is improperly implemented, attackers may be able to programmatically cause the storage to become unreliable within a much shorter time than would normally be expected.
Example - 1
An attacker can render a memory line unusable by repeatedly causing a write to the memory line.
Below is example code from [REF-1058] that the user can execute repeatedly to cause line failure. W is the maximum associativity of any cache in the system; S is the size of the largest cache in the system.
array[ii].element[0]++;for (ii = 0; ii < W + 1; ii++)// Do aligned alloc of (W+1) arrays each of size Swhile(1) {}Without wear leveling, the above attack will be successful. Simple randomization of blocks will not suffice as instead of the original physical block, the randomized physical block will be worn out.
Wear leveling must be used to even out writes to the device.Related Weaknesses
This table shows the weaknesses and high level categories that are related to this weakness. These relationships are defined to give an overview of the different insight to similar items that may exist at higher and lower levels of abstraction.
Visit http://cwe.mitre.org/ for more details.