Date: Sat, 2 Jun 2018 11:43:27 +0200 From: Greg KH <gregkh@...uxfoundation.org> To: procmem <procmem@...eup.net> Cc: kernel-hardening@...ts.openwall.com Subject: Re: Nethammer and kernel network drivers On Sat, Jun 02, 2018 at 03:46:19AM +0000, procmem wrote: > Hello. I wanted to get your attention about a new, more serious > reincarnation of rowhammer called nethammer that doesn't need to execut > any code on the system like in the past nor does it leave a trace. > > The summary of the paper is that rowhammer can be > remotely triggered by feeding susceptible* network driver crafted > traffic. This attack can do all kinds of nasty things such as modifying > SSL certs on the victim system. > > * Susceptible drivers are those relying on Intel CAT, uncached memory or > the clflush instruction. > > In absence of hardware mitigations, please identify and disable/fix > susceptible network drivers to avoid this type of attack. Thanks. Any hint as to how to identify such drivers? Have you looked into what this would entail? thanks, greg k-h
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.