|
Message-ID: <078f9b83-44d9-e7b2-6608-41a88e23b63e@riseup.net> Date: Sat, 2 Jun 2018 03:46:19 +0000 From: procmem <procmem@...eup.net> To: kernel-hardening@...ts.openwall.com Subject: Nethammer and kernel network drivers Hello. I wanted to get your attention about a new, more serious reincarnation of rowhammer called nethammer that doesn't need to execut any code on the system like in the past nor does it leave a trace. The summary of the paper is that rowhammer can be remotely triggered by feeding susceptible* network driver crafted traffic. This attack can do all kinds of nasty things such as modifying SSL certs on the victim system. * Susceptible drivers are those relying on Intel CAT, uncached memory or the clflush instruction. In absence of hardware mitigations, please identify and disable/fix susceptible network drivers to avoid this type of attack. Thanks. ** [0] https://arxiv.org/abs/1805.04956
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.