[Users] rowhammer exploit

Solar Designer solar at openwall.com
Wed Mar 11 06:48:15 PDT 2015


On Tue, Mar 10, 2015 at 11:40:03PM +0100, Carl-Daniel Hailfinger wrote:
> On 10.03.2015 21:32, Solar Designer wrote:
> > On Tue, Mar 10, 2015 at 02:35:41PM +0100, lst_hoe02 at kwsoft.de wrote:
> >> Quote from Benjamin Henrion <zoobab at gmail.com>:
> >>> Could this be used to gain HN root access from a container:
> >>>
> >>> http://googleprojectzero.blogspot.be/2015/03/exploiting-dram-rowhammer-bug-to-gain.html?m=1
> >>>
> >>> best,
> >> As I understand, this is a hardware defect, so yes it would be
> >> exploitable within any OS which does not explicitly prevent the usage
> >> pattern of RAM.
> > Yes, but patching the Linux kernel to restrict access to
> > /proc/self/pagemap may mitigate the currently described attack.  This is
> > something the OpenVZ project may do.
> 
> Wouldn't that still leave the way to attack via hugepages which makes
> /proc/self/pagemap partially unneeded?

This mitigation would certainly be far from perfect, and would not
provide any sort of guarantee, but it's whatever we can have cheaply.

Alexander
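
An added example, not part of the original message or of any OpenVZ code: a check an administrator can run inside a container as an unprivileged user to see whether the kernel still exposes page frame numbers through /proc/self/pagemap. The verdict names and the assumption that a restricting kernel either refuses the open or zeroes the PFN field are this example's own; it says nothing about the hugepages route raised in the thread.

```python
import ctypes
import mmap
import os
import struct

# Entry layout per the kernel's pagemap documentation.
PFN_MASK = (1 << 55) - 1   # bits 0-54: page frame number
SWAPPED = 1 << 62          # bit 62: page is in swap
PRESENT = 1 << 63          # bit 63: page is present in RAM


def classify_entry(entry):
    """Say whether one 64-bit pagemap entry reveals a physical frame number."""
    if not entry & PRESENT or entry & SWAPPED:
        return "not-present"
    return "pfn-exposed" if entry & PFN_MASK else "pfn-hidden"


def audit_self(path="/proc/self/pagemap"):
    """Return a verdict for the calling process; the PFN itself is never returned."""
    page = mmap.PAGESIZE
    buf = mmap.mmap(-1, page)
    buf[0] = 1  # touch the page so it is resident
    vaddr = ctypes.addressof(ctypes.c_char.from_buffer(buf))
    try:
        fd = os.open(path, os.O_RDONLY)
    except PermissionError:
        return "open-denied"      # assumed behaviour of a kernel that blocks the file
    except OSError:
        return "unavailable"      # no procfs, or not Linux
    try:
        raw = os.pread(fd, 8, (vaddr // page) * 8)  # one 8-byte entry per page
    except OSError:
        return "unavailable"
    finally:
        os.close(fd)
    if len(raw) != 8:
        return "unavailable"
    return classify_entry(struct.unpack("=Q", raw)[0])


if __name__ == "__main__":
    print(audit_self())
```

A result of "pfn-exposed" for an unprivileged user means the restriction discussed above is not in effect on that kernel.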

