Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE-1246:Improper Write Handling in Limited-write Non-Volatile Memories
Weakness ID:1246
Version:v4.17
Weakness Name:Improper Write Handling in Limited-write Non-Volatile Memories
Vulnerability Mapping:Allowed
Abstraction:Base
Structure:Simple
Status:Incomplete
Likelihood of Exploit:
DetailsContent HistoryObserved CVE ExamplesReports
▼Description

The product does not implement or incorrectly implements wear leveling operations in limited-write non-volatile memories.

▼Extended Description

Non-volatile memories such as NAND Flash, EEPROM, etc. have individually erasable segments, each of which can be put through a limited number of program/erase or write cycles. For example, the device can only endure a limited number of writes, after which the device becomes unreliable. In order to wear out the cells in a uniform manner, non-volatile memory and storage products based on the above-mentioned technologies implement a technique called wear leveling. Once a set threshold is reached, wear leveling maps writes of a logical block to a different physical block. This prevents a single physical block from prematurely failing due to a high concentration of writes. If wear leveling is improperly implemented, attackers may be able to programmatically cause the storage to become unreliable within a much shorter time than would normally be expected.

▼Alternate Terms
▼Relationships
Relevant to the view"Research Concepts - (1000)"
NatureMappingTypeIDName
ChildOfDiscouragedC400Uncontrolled Resource Consumption
Nature: ChildOf
Mapping: Discouraged
Type: Class
ID: 400
Name: Uncontrolled Resource Consumption
▼Memberships
NatureMappingTypeIDName
MemberOfProhibitedC1202Memory and Storage Issues
MemberOfProhibitedC1416Comprehensive Categorization: Resource Lifecycle Management
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1202
Name: Memory and Storage Issues
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1416
Name: Comprehensive Categorization: Resource Lifecycle Management
▼Tags
NatureMappingTypeIDName
MemberOfProhibitedBSBOSS-258Weaknesses in Memory Hardware
MemberOfProhibitedBSBOSS-259Weaknesses in Storage Hardware
MemberOfProhibitedBSBOSS-294Not Language-Specific Weaknesses
MemberOfProhibitedBSBOSS-298Not OS-Specific(os class) Weaknesses
MemberOfProhibitedBSBOSS-301Not Architecture-Specific (architecture class) Weaknesses
MemberOfProhibitedBSBOSS-308System on Chip (technology class) Weaknesses
MemberOfProhibitedBSBOSS-329DoS: Instability (impact)
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-258
Name: Weaknesses in Memory Hardware
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-259
Name: Weaknesses in Storage Hardware
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-294
Name: Not Language-Specific Weaknesses
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-298
Name: Not OS-Specific(os class) Weaknesses
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-301
Name: Not Architecture-Specific (architecture class) Weaknesses
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-308
Name: System on Chip (technology class) Weaknesses
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-329
Name: DoS: Instability (impact)
▼Relevant To View
Relevant to the view"Hardware Design - (1194)"
NatureMappingTypeIDName
MemberOfProhibitedC1202Memory and Storage Issues
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1202
Name: Memory and Storage Issues
▼Background Detail

▼Common Consequences
ScopeLikelihoodImpactNote
AvailabilityN/ADoS: Instability
N/A
Scope: Availability
Likelihood: N/A
Impact: DoS: Instability
Note:
N/A
▼Potential Mitigations
Phase:Architecture and Design, Implementation, Testing
Mitigation ID:
Strategy:
Effectiveness: High
Description:

Include secure wear leveling algorithms and ensure they may not be bypassed.

Note:

▼Modes Of Introduction
Phase: Architecture and Design
Note:

N/A

Phase: Implementation
Note:

N/A

▼Applicable Platforms
Languages
Class: Not Language-Specific(Undetermined Prevalence)
Technology
Class: System on Chip(Undetermined Prevalence)
Class: Memory Hardware(Undetermined Prevalence)
Class: Storage Hardware(Undetermined Prevalence)
Operating System
Class: Not OS-Specific(Undetermined Prevalence)
Architecture
Class: Not Architecture-Specific(Undetermined Prevalence)
▼Demonstrative Examples
Example 1

An attacker can render a memory line unusable by repeatedly causing a write to the memory line.

Language: ( code)
N/A

Language: ( code)
N/A

Below is example code from [REF-1058] that the user can execute repeatedly to cause line failure. W is the maximum associativity of any cache in the system; S is the size of the largest cache in the system.

Language: C++(Attack code)
// Do aligned alloc of (W+1) arrays each of size S while(1) { for (ii = 0; ii < W + 1; ii++) array[ii].element[0]++; }

Language: ( code)
N/A

Without wear leveling, the above attack will be successful. Simple randomization of blocks will not suffice as instead of the original physical block, the randomized physical block will be worn out.

Language: Other(Good code)
Wear leveling must be used to even out writes to the device.

▼Observed Examples
ReferenceDescription
▼Affected Resources
    ▼Functional Areas
      ▼Weakness Ordinalities
      OrdinalityDescription
      ▼Detection Methods
      ▼Vulnerability Mapping Notes
      Usage:Allowed
      Reason:Acceptable-Use
      Rationale:

      This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.

      Comments:

      Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.

      Suggestions:
      ▼Notes
      ▼Taxonomy Mappings
      Taxonomy NameEntry IDFitEntry Name
      ISA/IEC 62443Part 4-1N/AReq SD-4
      ISA/IEC 62443Part 4-1N/AReq SI-1
      ISA/IEC 62443Part 4-1N/AReq SVV-3
      Taxonomy Name: ISA/IEC 62443
      Entry ID: Part 4-1
      Fit: N/A
      Entry Name: Req SD-4
      Taxonomy Name: ISA/IEC 62443
      Entry ID: Part 4-1
      Fit: N/A
      Entry Name: Req SI-1
      Taxonomy Name: ISA/IEC 62443
      Entry ID: Part 4-1
      Fit: N/A
      Entry Name: Req SVV-3
      ▼Related Attack Patterns
      IDName
      CAPEC-212
      Functionality Misuse
      ID: CAPEC-212
      Name: Functionality Misuse
      ▼References
      Reference ID: REF-1058
      Title: Enhancing Lifetime and Security of PCM-Based Main Memory with Start-Gap Wear Leveling
      Author: Moinuddin Qureshi, Michele Franchescini, Vijayalakshmi Srinivasan, Luis Lastras, Bulent Abali, John Karidis
      Section:
      Publication:
      Publisher:
      Edition:
      URL:https://www.seas.upenn.edu/~leebcc/teachdir/ece299_fall10/Qureshi09_pcmWear.pdf
      URL Date:2023-04-07
      Day:N/A
      Month:N/A
      Year:N/A
      Reference ID: REF-1059
      Title: Bad Block Management in NAND Flash Memory
      Author: Micron
      Section:
      Publication:
      Publisher:
      Edition:
      URL:https://www.micron.com/-/media/client/global/documents/products/technical-note/nand-flash/tn2959_bbm_in_nand_flash.pdf
      URL Date:
      Day:N/A
      Month:N/A
      Year:N/A
      Details not found