News

Researchers show DDR vulnerability RAMBleed based on Rowhammer

By admin
Spread the love

Researchers have discovered a leak with which data can be read from the working memory of a computer. The vulnerability is called RAMBleed and is based on the Rowhammer vulnerability.

RAMbleed was discovered by researchers from the University of Graz in Austria, the University of Michigan, and the University of Adelaide. The researchers managed to use the attack to read an OpenSSH key with an RSA-2048 algorithm from a server.

The leak works similarly to Rowhammer, a 2015 ram leak that allows manipulation of the space between physical bits in working memory. RAMBleed takes advantage of that vulnerability. The big difference is that the data can only be read, but not manipulated. The attack uses bit flipping, a process in which a cryptographic key is read by reading the changes in bits. The leak would also work on memory that uses error code correction, which is normally used to correct bit flips.

The researchers published a proof-of-concept on DDR3 memory, but say the vulnerability can also be exploited in DDR4 memory. Bit flipping attacks on ddr4 have been carried out in the past.

You might also like
News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Nvidia releases GeForce RTX 4060 Ti variant with 16GB memory

News

‘AMD wants to sell Radeon RX 7700 and RX 7800 series from September’

News

Reddit removes chat messages from before January 1, 2023 during migration

News

Acer also comes with Radeon video card with two different types of fans