[langsec-discuss] Neat exploit based on low-level DRAM architecture

Jacob Torrey jacob at jacobtorrey.com
Mon Mar 9 17:08:17 UTC 2015


http://googleprojectzero.blogspot.co.uk/2015/03/exploiting-dram-rowhammer-bug-to-gain.html

Builds on the CMU work from bit-flipping to target page-tables to gain
kernel privs. While not directly-LangSec oriented, shows how composition of
multiple layers can lead to cross-boundary attacks, similar to Travis's PiP
work.

Very cool,
  Jacob
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.langsec.org/pipermail/langsec-discuss/attachments/20150309/b2b4b690/attachment.html>


More information about the langsec-discuss mailing list