- Joined
- Mar 23, 2016
- Messages
- 4,839 (1.64/day)
Processor | Ryzen 9 5900X |
---|---|
Motherboard | MSI B450 Tomahawk ATX |
Cooling | Cooler Master Hyper 212 Black Edition |
Memory | VENGEANCE LPX 2 x 16GB DDR4-3600 C18 OCed 3800 |
Video Card(s) | XFX Speedster SWFT309 AMD Radeon RX 6700 XT CORE Gaming |
Storage | 970 EVO NVMe M.2 500 GB, 870 QVO 1 TB |
Display(s) | Samsung 28” 4K monitor |
Case | Phantek Eclipse P400S (PH-EC416PS) |
Audio Device(s) | EVGA NU Audio |
Power Supply | EVGA 850 BQ |
Mouse | SteelSeries Rival 310 |
Keyboard | Logitech G G413 Silver |
Software | Windows 10 Professional 64-bit v22H2 |
RAMBleed is a side-channel attack that enables an attacker to read out physical memory belonging to other processes. The implications of violating arbitrary privilege boundaries are numerous, and vary in severity based on the other software running on the target machine. As an example, in our paper we demonstrate an attack against OpenSSH in which we use RAMBleed to leak a 2048 bit RSA key. However, RAMBleed can be used for reading other data as well.
RAMBleed is based on a previous side channel called Rowhammer, which enables an attacker to flip bits in the memory space of other processes. We show in our paper that an attacker, by observing Rowhammer-induced bit flips in her own memory, can deduce the values in nearby DRAM rows. Thus, RAMBleed shifts Rowhammer from being a threat not only to integrity, but confidentiality as well. Furthermore, unlike Rowhammer, RAMBleed does not require persistent bit flips, and is thus effective against ECC memory commonly used by server computers.
How can I mitigate this issue?
Users can mitigate their risk by upgrading their memory to DDR4 with targeted row refresh (TRR) enabled.
Source: https://rambleed.com/