Full Disclosure mailing list archives
Re: 'Rowhammer' - Software-triggered DRAM corruption
From: Dirk-Willem van Gulik <dirkx () webweaving org>
Date: Mon, 16 Mar 2015 10:32:03 +0100
On 13 Mar 2015, at 11:32, fulldisclosure <fulldisclosure () evolution-hosting eu> wrote: Am 12.03.2015 um 21:31 schrieb Aris Adamantiadis:Le 12/03/15 17:00, Nick Boyce a écrit :Also, this may only affect SODIMMs, not DIMMs, as Google was only able to make the attack work on laptops - desktop machines so far remaining unaffected. [I *knew* it was a good idea to hang on to that old Athlon XP desktop :-)]There are countless reports of the attack working on desktops. It worked on one of the two non-ecc desktops I've tried it on. It's an AMD FX 8150.It's not dependend on the processor, it's the ram-design thats vulnerable. If you use ECC chips, you should be safe, thats why cheap hw hosters are now in trouble, and professionsal server hw hosters not.
Until we find solid evidence of two bit-flips introduced in the same board; which is, given the ease of 1 bit ‘squared’ certainly in the lab within reach. Over time - attacks always get stronger, never less potent. Dw. _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- 'Rowhammer' - Software-triggered DRAM corruption Nick Boyce (Mar 12)
- Re: 'Rowhammer' - Software-triggered DRAM corruption Aris Adamantiadis (Mar 12)
- Re: 'Rowhammer' - Software-triggered DRAM corruption fulldisclosure (Mar 16)
- Re: 'Rowhammer' - Software-triggered DRAM corruption Dirk-Willem van Gulik (Mar 16)
- Re: 'Rowhammer' - Software-triggered DRAM corruption Nick Boyce (Mar 16)
- Re: 'Rowhammer' - Software-triggered DRAM corruption fulldisclosure (Mar 16)
- Re: 'Rowhammer' - Software-triggered DRAM corruption Aris Adamantiadis (Mar 12)