RAMBleed Attack – Flip Bits to Steal Sensitive Data from Computer Memory
A team of cybersecurity researchers yesterday revealed details of a new side-channel attack on dynamic random-access memory (DRAM) that could allow malicious programs installed on a modern system to read sensitive memory data from other processes running on the same hardware.
Dubbed RAMBleed and identified as CVE-2019-0174, the new attack is based on a well-known class of DRAM side channel attack called Rowhammer, various variants [GLitch, RAMpage, Throwhammer, Nethammer, Drammer] of which have been demonstrated by researchers in recent years.
Known since 2012, Rowhammer bug is a hardware reliability issue that was found in the new generation of DRAM chips.
It turned out that repeatedly and rapidly accessing (hammering) a row of memory can cause bit flips in adjacent rows, i.e., changing their bit values from 0 to 1 or vice-versa.
In the following years, researchers also demonstrated successful exploits to achieve privilege escalation on the vulnerable computers by flipping (writing) bits in the victim’s memory.
Discovered by a team of researchers from the University of Michigan, Graz University of Technology and the University of Adelaide, the new RAMBleed also relies on the bit-flip mechanism; but instead of writing data in the adjacent rows, this attack allows attackers to read the information in protected memory belonging to other programs and users.
Read more at RAMBleed
August 20, 2019
July 21, 2019