Rowhammer is now remote exploitable
grarpamp
grarpamp at gmail.com
Mon May 14 21:15:05 PDT 2018
---------- Forwarded message ----------
From: Peter Gutmann <pgut001 at cs.auckland.ac.nz>
Date: Mon, May 14, 2018 at 11:03 PM
Subject: [Cryptography] Rowhammer is now remote exploitable
To: "cryptography at metzdowd.com" <cryptography at metzdowd.com>
An interesting paper just turned up on arXiv:
Nethammer: Inducing Rowhammer Faults through Network Requests
https://arxiv.org/abs/1805.04956
[...] In this paper, we present Nethammer. Nethammer is the first truly remote
Rowhammer attack, without a single attacker-controlled line of code on the
targeted system. [...] Depending on the location, the bit flip compromises
either the security and integrity of the system and the data of its users, or
it can leave persistent damage on the system, i.e., persistent denial of
service. We investigated Nethammer on personal computers, servers, and mobile
phones. Nethammer is a security landslide, making the formerly local attack a
remote attack.
Peter.
_______________________________________________
More information about the cypherpunks
mailing list