RAMBleed Attack Discovered
A team of researchers has discovered a new side-channel attack on dynamic random-access memory (DRAM) that could allow malicious programs installed on a modern system to read sensitive memory data from other processes running on the same hardware, according to The Hacker News.
The researchers include Andrew Kwong at University of Michigan, Daniel Genkin at University of Michigan, Daniel Gruss at Graz University of Technology, and Yuval Yarom at University of Adelaide and Data 61.
“RAMBleed is a side-channel attack that enables an attacker to read out physical memory belonging to other processes. The implications of violating arbitrary privilege boundaries are numerous and vary in severity based on the other software running on the target machine. As an example, in our paper we demonstrate an attack against OpenSSH in which we use RAMBleed to leak a 2048 bit RSA key. However, RAMBleed can be used for reading other data as well,” said the RAMBleed blog post.
The researchers wrote that previous attacks exploited the Rowhammer effect to write (or flip) bits in the victim's memory. RAMBleed is different in that it uses Rowhammer for reading data stored inside the computer's physical memory. As the physical memory is shared among all process in the system, this puts all processes at risk.RAMBleed can potentially read any data stored in memory.
Source: https://thehackernews.com/2019/06/rambleed-dram-attack.html