NA

CVE-2019-0174

Published: 13/06/2019 Updated: 13/06/2019

Vulnerability Summary

Logic condition in specific microprocessors may allow an authenticated user to potentially enable partial physical address information disclosure via local access.

Vulnerability Trend

Recent Articles

RAMBleed Side-Channel Attack Exposes Privileged Memory
Threatpost • Tara Seals • 12 Jun 2019

A team of academic researchers has discovered a follow-on to the Rowhammer class of attacks that allows attackers to read memory data on a target Windows computer, without actually accessing the memory itself. The method is dubbed RAMBleed.
Andrew Kwong and Daniel Genkin at the University of Michigan, Daniel Gruss at Graz University of Technology and Yuval Yarom at University of Adelaide have disclosed the attack method, which, by observing Rowhammer-induced bit flips in memory, can deduce...

RAMBleed picks up Rowhammer, smashes DRAM until it leaks apps' crypto-keys, passwords, other secrets
The Register • Thomas Claburn in San Francisco • 11 Jun 2019

Boffins blast boards to boost bits

Bit boffins from Australia, Austria, and the US have expanded upon the Rowhammer memory attack technique to create more dangerous variation called RAMBleed that can expose confidential system memory.
The memory integrity issue tied to Rowhammer was known to Intel since at least 2012 and began to be explored in academic research in 2014. The following year, Google Project Zero researchers developed an exploit technique to gain kernel privileges by repeatedly writing to memory locations into...