[Users] rowhammer exploit

Carl-Daniel Hailfinger c-d.hailfinger.devel.2006 at gmx.net
Tue Mar 10 15:40:03 PDT 2015


On 10.03.2015 21:32, Solar Designer wrote:
> On Tue, Mar 10, 2015 at 02:35:41PM +0100, lst_hoe02 at kwsoft.de wrote:
>> Quoting Benjamin Henrion <zoobab at gmail.com>:
>>> Could this be used to gain HN root access from a container:
>>>
>>> http://googleprojectzero.blogspot.be/2015/03/exploiting-dram-rowhammer-bug-to-gain.html?m=1
>>>
>>> best,
>> As I understand, this is a hardware defect, so yes, it would be
>> exploitable within any OS which does not explicitly prevent the usage
>> pattern of RAM.
> Yes, but patching the Linux kernel to restrict access to
> /proc/self/pagemap may mitigate the currently described attack.  This is
> something the OpenVZ project may do.

Wouldn't that still leave the way to attack via hugepages which makes
/proc/self/pagemap partially unneeded?

Regards,
Carl-Daniel
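
An added example, not part of the original message or of any OpenVZ code: a defender's check for whether the /proc/self/pagemap restriction discussed above is in effect for the current process. The function names and result labels are assumptions made for this example; it covers only the pagemap restriction, not the hugepages concern.

```python
import ctypes
import mmap
import os
import struct

PRESENT = 1 << 63           # bit 63: page is resident in RAM
SWAPPED = 1 << 62           # bit 62: page is in swap
PFN_MASK = (1 << 55) - 1    # bits 0-54: page frame number when present


def decode_entry(raw):
    """Decode one 8-byte pagemap entry (native-endian u64)."""
    (value,) = struct.unpack("=Q", raw)
    present = bool(value & PRESENT)
    return {
        "present": present,
        "swapped": bool(value & SWAPPED),
        "pfn": value & PFN_MASK if present else 0,
    }


def classify(entry):
    """Label an entry (labels are this example's own, not kernel terms)."""
    if not entry["present"]:
        return "not-present"
    return "pfn-exposed" if entry["pfn"] else "pfn-hidden"


def check_pagemap(path="/proc/self/pagemap"):
    """Report whether this process can learn the physical frame of its own page."""
    page_size = os.sysconf("SC_PAGE_SIZE")
    buf = mmap.mmap(-1, page_size)
    buf[0] = 1  # touch the page so it is backed by a physical frame
    anchor = ctypes.c_char.from_buffer(buf)
    addr = ctypes.addressof(anchor)
    try:
        with open(path, "rb", buffering=0) as f:
            f.seek((addr // page_size) * 8)  # one entry per virtual page
            raw = f.read(8)
    except OSError as exc:
        return f"restricted ({exc.strerror or exc})"
    if len(raw) != 8:
        return "restricted (short read)"
    return classify(decode_entry(raw))


if __name__ == "__main__":
    # "pfn-hidden" or "restricted ..." means the pagemap restriction is in effect
    print(check_pagemap())
```

Run it as the unprivileged user inside the container; a result of "pfn-exposed" means physical frame numbers are still readable there.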
