Home / Early Warning / Cybersecurity Highlights / Rowhammer: elevación de privilegios manipulando la DRAM

Rowhammer: elevación de privilegios manipulando la DRAM

03/09/2015

Researchers from Google's Project Zero have been able to use the effect known as rowhammer in DRAM memories in order to escalate privileges in the sandboxing system NaCl and in Linux systems. This vulnerability could also be used to circumvent security mechanisms. For instance, through the modification of bits corresponding to page table entries (PTE).

The rowhammer effect consists in applying consecutive modifications in specific memory areas (called "aggressor" areas) so that this changes induce bit flips in adjacent memory areas. This issue is possible due to the increasing miniaturization of DRAM chips.