DRAM rowhammer vulnerability

DRAM rowhammer is a very strange hardware vulnerability which, in turn, opens the door to software vulnerabilities. In short, it allows an attacker to change a flip bits in a physical memory address, without accessing that address. Instead, the attacker writes one or more neighboring addresses in a DRAM, and, in some cases, the bits in another address will flip.

Successful attacks from user mode using this vulnerability can:

  • elevate user privileges
  • break security sandboxes
  • forge new private keys

Screen Shot 12-10-17 at 06.51 PM

“NUMA also allows for greater opportunities to exploit Rowhammer”.

Note that this is a hardware failure, most software, even some security-oriented one, are not able to cope with this type of hardware-based attack. The vulnerability has been introduced in recent years due to the growing use of smaller memory cells, to enable memory-chips with more capacity.

Screen Shot 12-10-17 at 06.55 PM

Refs

 

Advertisements

BFT-SMaRt is: Byzantine fault-tolerant state machine replication

BFT-SMaRt is a high-performance Byzantine fault-tolerant state machine replication library developed in Java with simplicity and robustness as primary requirements. Our main objective is to provide a code base that can be used to build dependable services and also extended to create new protocols.

Check it out here: