AllmäntBloggIT-SäkerhetNyheterSäkerhetSkadlig kodWebbfabriken

Rowhammer the first bad-ass hardware security exploit

Rowhammer security caused by DRAM bit flip bug

Inlägget har lästs 236345 gånger

A team of Austrian and French security researchers have now discovered a new security exploit which they refer as “Rowhammer”. As per the researchers this vulnerability can be exploited remotely by using JavaScript.

The team claims this to be the first remote software-induced hardware fault attack.

The bad thing is it’s a hardware flaw and not a software flaw, thus it could be present in any computer which has the Intel Processor built since 2009.

The next bad news is that hackers can exploit this flaw through any webpage.

If you want to test your hardware for Rowhammer vulnerabilty then Google has made som code for that. Read and download the code here

“Rowhammer” is a problem with recent DRAM modules in which repeatedly accessing a row of memory can cause bit flips in adjacent rows. This repo contains a program for testing for the rowhammer problem which runs as a normal userland process.


The rowhammer problem is described by:

  • Yoongu Kim et al’s paper, “Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors” (2014).
  • Our blog post, “Exploiting the DRAM rowhammer bug to gain kernel privileges” (2015), on the blog of Google’s Project Zero.

2013-09-10 10.08.00

Comments (1)

  1. Woooh!? :-O Låter komplicerat

Comment here