Phone : +1 (800) 980-1130 | Email : info@hensongroup.com   |  |  | 
Blog
February

Mitigations Available for the DRAM Row Hammer Vulnerability

I

n Mar 9 2015, the Project Zero team at Google revealed findings from new research related to the known issue in the DDR3 Memory specification referred to as “Row Hammer”. Row Hammer is an industry-wide issue that has been discussed publicly since (at least) 2012.

The new research by Google shows that these types of errors can be introduced in a predictable manner. A proof-of-concept (POC) exploit that runs on the Linux operating system has been released. Successful exploitation leverages the predictability of these Row Hammer errors to modify memory of an affected device. An authenticated, local attacker with the ability to execute code on the affected system could elevate their privileges to that of a super user or “root” account. This is also known as Ring 0. Programs that run in Ring 0 can modify anything on the affected system.

 

Read More : http://blogs.cisco.com/security/mitigations-available-for-the-dram-row-hammer-vulnerability

| Categories: Cisco | | Comments: RSS 2.0 | View Count: (1,178)

Post a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Search
Subscribe
Name
Email *