DRAM related forced bit flipping attacks get real

seem to be getting weaponized. This item discusses using known shared code pages from one VM to  another to force memory corruption using the ‘DRAM hammer’ bit flipping attack modes that have already been well documented as a way to inject hostile code into another (probably all given dedup designs) VM on the same physical machine. This would seem to be a very scary attack for cloud hosting companies.

It would seem like this is the time for DRAM vendors to take a close look at their designs and start making serious attempts to implement resistance to this sort of attack. I do wonder whether ECC would prevent this as the bit error might be corrected before another error could be introduced.

Powerful Bit-Flipping Attack from Schneier on Security


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.