RowHammer

Vulnerability Profile Updated 3 months ago
Rowhammer is a software vulnerability that was first reported in 2014. The flaw lies within the design and implementation of Dynamic Random Access Memory (DRAM), where repeated access to certain areas of RAM, or "hammering," can cause read disturbances in neighboring cells. This could potentially lead to unauthorized access to critical system data. In 2015, Google researchers demonstrated how this vulnerability could be exploited to gain unlimited access to a computer's RAM. Despite its serious implications, the likelihood of Rowhammer attacks on home users has been considered minimal.

In 2021, researchers introduced an advanced version of the Rowhammer attack known as BlackSmith. This new method showed that it is possible to bypass Rowhammer protections under certain conditions and cause system failures. Furthermore, recent studies have revealed that attackers can exploit system-level techniques to manipulate the Rowhammer vulnerability of DRAM to flip bits in Deep Neural Networks (DNN) model weights, thereby affecting inference accuracy. Another variant, RowPress, was also found to be significantly more potent than Rowhammer, requiring fewer hammerings to achieve the same effect.

In response to these findings, there have been efforts to mitigate the Rowhammer vulnerability. CVE-2023-42465, for instance, was an initiative to make 'sudo' (a common utility in Unix-based systems that allows users to run programs with the security privileges of another user) less vulnerable to Rowhammer attacks. Additionally, ongoing research aims to improve the structure and characteristics of DRAM to enhance reliability and further mitigate the risk posed by Rowhammer. Despite these measures, the return of Rowhammer in different forms continues to pose significant challenges to computer security.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
| ID | Votes | Profile Description |
|---|---|---|
| rowpress | 1 | RowPress is a novel vulnerability in the design and implementation of software that amplifies read disturbance in modern DRAM chips. The RowPress attack, much like its predecessor, the RowHammer attack, leverages a flaw in DRAM memory cells to induce errors and gain unauthorized access to data. Howe |
| Blacksmith | 1 | Operation Blacksmith is a campaign that was first unveiled in 2021 by researchers who demonstrated a BlackSmith attack. This attack showed that it's possible to cause failures even with RowHammer protections in place, thereby bypassing these security measures. The campaign employed at least three ne |
| CVE-2023-42465 | 1 | None |
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Vulnerability
Exploit
Blacksmith
Sudo
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the RowHammer Vulnerability was read from the documents corpus below.
| Source | Created At | Title |
|---|---|---|
| CERT-EU | 4 months ago | SUSE: 2024:0834-1 important: sudo \| LinuxSecurity.com |
| CERT-EU | 4 months ago | SUSE: 2024:0794-2 important: sudo \| LinuxSecurity.com |
| CERT-EU | 9 months ago | Search \| arXiv e-print repository |
| CERT-EU | 10 months ago | Search \| arXiv e-print repository |
| CERT-EU | a year ago | RowPress RAM attack |
| Naked Security | a year ago | S3 Ep143: Supercookie surveillance shenanigans |
| Naked Security | a year ago | Serious Security: Rowhammer returns to gaslight your computer |
| CERT-EU | a year ago | This Week In Security: Camaro Dragon, RowPress, And RepoJacking |