New FFS Rowhammer Attack Hijacks Linux VMs

Researchers from the Vrije University in the Netherlands have revealed a new version of the infamous Rowhammer attack that is effective at compromising Linux VMs, which are often used for cloud hosting services.
The Rowhammer attack was discovered two years ago and caused quite a stir when researchers disclosed it, because it showed how, by bombarding a row of memory cells, an attacker could flip binary zeros into ones and vice versa.
This allowed an attacker to manipulate a computer’s memory using nothing more than malware that constantly hammered a row of memory cells, flipping their bits and causing nearby memory cells to flip their bits as well.
Things took a turn for the worse when researchers demoed Rowhammer attacks via JavaScript, meaning attackers could compromise a computer’s memory via the Internet.
Flip Feng Shui (FFS) is another variation on the Rowhammer attack, one that works in conjunction with memory deduplication, a process through which some operating systems free memory slots by finding duplicate entries and merging them together.
The researchers claim that an attacker can buy access to cloud servers co-hosted with his victim and, using an FFS Rowhammer attack, gain control over the victim’s accounts despite the complete absence of software vulnerabilities.

Submitted by: Arnfried Walbrecht

