How much/what hardware does the rowhammer DRAM bug affects?

Georgi Guninski guninski at guninski.com
Wed Sep 16 02:41:38 PDT 2015


On Wed, Sep 16, 2015 at 10:12:36AM +0100, Cathal Garvey wrote:
> I don't actually know the answer to this, but in a summary article
> on the JS exploit they opened by saying part of its beauty was how
> many wonderfully peculiar preconditions were required before it
> became possible. Browser model, JS engine, hardware acceleration
> options, possibly firmwares, and DRAM model/generation/clockspeed.
> 
> No reason to be complacent, but the gist was "you probably don't
> need to worry about rowhammer-JS".
> 

OK, javascript vector aside (it is at least theoretical threat, but
ATM don't see how a page can exploit it only with this attack
without additional bug).


> Rowhammer itself, OTOH, who knows? :)
> 

This appears real threat according to claims and the POC.


> On 16/09/15 10:01, Georgi Guninski wrote:
> >This is old, but haven't seen it here.
> >
> >https://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
> >
> >
> >---
> >Rowhammer” is a problem with some recent DRAM devices in which
> >repeatedly accessing a row of memory can cause bit flips in adjacent
> >rows.
> >It was able to use this to gain write access to its own page table, and
> >hence gain read-write access to all of physical memory.
> >---
> >
> >There is POC.
> >
> >Variant via javascript:
> >
> >https://github.com/IAIK/rowhammerjs
> >
> >How much/what hardware does this bug affect?
> >



More information about the cypherpunks mailing list