Article 5RY9J DDR4 memory protections are broken wide open by new Rowhammer technique

DDR4 memory protections are broken wide open by new Rowhammer technique

by
Dan Goodin
from Ars Technica - All content on (#5RY9J)
ddr4-dimm-800x534.jpeg

Enlarge / Two DDR4 DIMMs. (credit: Getty Images)

Rowhammer exploits that allow unprivileged attackers to change or corrupt data stored in vulnerable memory chips are now possible on virtually all DDR4 modules due to a new approach that neuters defenses chip manufacturers added to make their wares more resistant to such attacks.

Rowhammer attacks work by accessing-or hammering-physical rows inside vulnerable chips millions of times per second in ways that cause bits in neighboring rows to flip, meaning 1s turn to 0s and vice versa. Researchers have shown the attacks can be used to give untrusted applications nearly unfettered system privileges, bypass security sandboxes designed to keep malicious code from accessing sensitive operating system resources, and root or infect Android devices, among other things.

All previous Rowhammer attacks have hammered rows with uniform patterns, such as single-sided, double-sided, or n-sided. In all three cases, these aggressor" rows-meaning those that cause bitflips in nearby victim" rows-are accessed the same number of times.

Read 15 remaining paragraphs | Comments

index?i=wxmQMcUHmyk:MS4xCWua0fQ:V_sGLiPB index?i=wxmQMcUHmyk:MS4xCWua0fQ:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments