DRAM rowhammer vulnerability

DRAM rowhammer is a very strange hardware vulnerability which, in turn, opens the door to software vulnerabilities. In short, it allows an attacker to change a flip bits in a physical memory address, without accessing that address. Instead, the attacker writes one or more neighboring addresses in a DRAM, and, in some cases, the bits in another address will flip.

Successful attacks from user mode using this vulnerability can:

  • elevate user privileges
  • break security sandboxes
  • forge new private keys

Screen Shot 12-10-17 at 06.51 PM

“NUMA also allows for greater opportunities to exploit Rowhammer”.

Note that this is a hardware failure, most software, even some security-oriented one, are not able to cope with this type of hardware-based attack. The vulnerability has been introduced in recent years due to the growing use of smaller memory cells, to enable memory-chips with more capacity.

Screen Shot 12-10-17 at 06.55 PM




Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s