On Wed, Sep 16, 2015 at 10:12:36AM +0100, Cathal Garvey wrote:
I don't actually know the answer to this, but in a summary article on the JS exploit they opened by saying part of its beauty was how many wonderfully peculiar preconditions were required before it became possible. Browser model, JS engine, hardware acceleration options, possibly firmwares, and DRAM model/generation/clockspeed.
No reason to be complacent, but the gist was "you probably don't need to worry about rowhammer-JS".
OK, javascript vector aside (it is at least a theoretical threat, but ATM I don't see how a page can exploit it only with this attack without an additional bug).
Rowhammer itself, OTOH, who knows? :)
This appears to be a real threat according to the claims and the POC.
On 16/09/15 10:01, Georgi Guninski wrote:
This is old, but I haven't seen it here.
https://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug...
--- “Rowhammer” is a problem with some recent DRAM devices in which repeatedly accessing a row of memory can cause bit flips in adjacent rows. It was able to use this to gain write access to its own page table, and hence gain read-write access to all of physical memory. ---
There is a POC.
Variant via javascript:
https://github.com/IAIK/rowhammerjs
How much/what hardware does this bug affect?