DRAM rowhammer vulnerability

DRAM rowhammer is a very strange hardware vulnerability which, in turn, opens the door to software vulnerabilities. In short, it allows an attacker to change a flip bits in a physical memory address, without accessing that address. Instead, the attacker writes one or more neighboring addresses in a DRAM, and, in some cases, the bits in another address will flip.

Successful attacks from user mode using this vulnerability can:

  • elevate user privileges
  • break security sandboxes
  • forge new private keys

Screen Shot 12-10-17 at 06.51 PM

“NUMA also allows for greater opportunities to exploit Rowhammer”.

Note that this is a hardware failure, most software, even some security-oriented one, are not able to cope with this type of hardware-based attack. The vulnerability has been introduced in recent years due to the growing use of smaller memory cells, to enable memory-chips with more capacity.

Screen Shot 12-10-17 at 06.55 PM

Refs

 

Advertisements

VMware vulnerabilities survey

Software is usually affected by some kinds of security vulnerabilities. Vulnerabilities can be classified into several types, in order to ease their impact analysis, providing a common thought framework. Virtualization products aim to allow users to abstract the  physical hardware details and provide them with means to install multiple virtual machines. Some virtualization users often tend to forget or ignore that this additional software layer exposes them to additional attack vectors and potential vulnerabilities. In this paper, we analyze the known vulnerabilities for VMware, a well known virtualization product.

Check the Full Paper:

Preview:

Screen Shot 07-07-16 at 05.06 PM.PNG