rowpress

Vulnerability Profile Updated 2 months ago
Download STIX
Preview STIX
RowPress is a novel vulnerability in the design and implementation of software that amplifies read disturbance in modern DRAM chips. The RowPress attack, much like its predecessor, the RowHammer attack, leverages a flaw in DRAM memory cells to induce errors and gain unauthorized access to data. However, RowPress presents a more potent threat as it modifies the memory access method, keeping the activation line open for longer than normal, thereby bypassing protections implemented by module manufacturers. This makes RowPress tens or even hundreds of times more effective than RowHammer. The susceptibility to a RowPress attack increases significantly when the RAM temperature exceeds 80 degrees Celsius, making most tested RAMs more vulnerable to memory corruption. Despite this increased vulnerability, the likelihood of a RowHammer, Blacksmith, or RowPress attack on home users remains minuscule. The RowPress attack employs the same basic principle as the earlier attacks but with one crucial change: the attacker attempts to keep one row of cells open for reading as long as possible, leading to an increase in attack effectiveness. In response to the RowPress vulnerability, software updates have been released to mitigate the risk. Dell has issued a BIOS security update to address an out-of-bounds write vulnerability, and Google has also rolled out an update for Chrome. It is crucial for users to apply these updates promptly to protect their systems from potential exploitation. The RowPress attack emphasizes the importance of malware triage in identifying and mitigating threats to ensure the safety and integrity of computer systems.
What's your take? (Question 1 of 3)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
RowHammer
1
Rowhammer is a software vulnerability that was first reported in 2014. The flaw lies within the design and implementation of Dynamic Random Access Memory (DRAM), where repeated access to certain areas of RAM, or "hammering," can cause read disturbances in neighboring cells. This could potentially le
Blacksmith
1
Operation Blacksmith is a campaign that was first unveiled in 2021 by researchers who demonstrated a BlackSmith attack. This attack showed that it's possible to cause failures even with RowHammer protections in place, thereby bypassing these security measures. The campaign employed at least three ne
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Malware
Blacksmith
Chrome
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the rowpress Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
RowPress RAM attack
CERT-EU
a year ago
This Week In Security:Camaro Dragon, RowPress, And RepoJacking
CERT-EU
a year ago
SANS ISC Stormcast: Daily Network Security News Summary; Cyber Security Podcast