- Mar 23, 2016
- 2,144 (1.82/day)
|Processor||Ryzen 5 2600X|
|Motherboard||MSI B350M Gaming Pro|
|Cooling||Scythe Kotetsu with AM4 bracket|
|Memory||PNY Anarchy-X XLR8 Red DDR4 3200 MHz C15-17-17-17-35|
|Video Card(s)||MSI GeForce RTX 2060 GAMING Z 6G|
|Storage||Samsung 970 EVO NVMe M.2 500 GB, SanDisk Ultra II 480 GB|
|Display(s)||Samsung SyncMaster C27H711 OC refresh rate 110Hz|
|Case||Phantek Eclipse P400S (PH-EC416PS)|
|Audio Device(s)||Creative Labs Sound Blaster Audigy Rx|
|Power Supply||EVGA 850 BQ|
|Mouse||SteelSeries Rival 310|
|Keyboard||Logitech G G413 Silver|
|Software||Windows 10 Professional 64-bit v1903|
How can I mitigate this issue?RAMBleed is a side-channel attack that enables an attacker to read out physical memory belonging to other processes. The implications of violating arbitrary privilege boundaries are numerous, and vary in severity based on the other software running on the target machine. As an example, in our paper we demonstrate an attack against OpenSSH in which we use RAMBleed to leak a 2048 bit RSA key. However, RAMBleed can be used for reading other data as well.
RAMBleed is based on a previous side channel called Rowhammer, which enables an attacker to flip bits in the memory space of other processes. We show in our paper that an attacker, by observing Rowhammer-induced bit flips in her own memory, can deduce the values in nearby DRAM rows. Thus, RAMBleed shifts Rowhammer from being a threat not only to integrity, but confidentiality as well. Furthermore, unlike Rowhammer, RAMBleed does not require persistent bit flips, and is thus effective against ECC memory commonly used by server computers.
Users can mitigate their risk by upgrading their memory to DDR4 with targeted row refresh (TRR) enabled.