=====================================================================

                           CERT-Renater

               Note d'Information No. 2015/VULN006
_____________________________________________________________________

DATE                : 10/03/2015

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Cisco products.

======================================================================
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150309-rowhammer
______________________________________________________________________

Row Hammer Privilege Escalation Vulnerability

Advisory ID: cisco-sa-20150309-rowhammer

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150309-rowhammer

Revision 1.1

Last Updated  2015 March 9 22:59  UTC (GMT)

For Public Release 2015 March 9 21:50  UTC (GMT)

Summary

On March 9, 2015, new research was published that takes advantage of a
flaw in double data rate type 3 (DDR3) synchronous dynamic random-access
memory (SDRAM) to perform privilege escalation attacks on systems that
contain the affected hardware. The flaw is known as Row Hammer. To
attempt an attack, the attacker must execute a malicious binary on an
affected system.

In addition, the research focused on consumer hardware that did not have
a number of mitigations and memory protections that have been integrated
into chipsets and memory modules used in Cisco server-class products. Of
note in the paper is that the researchers were unable, in their testing,
to exploit devices that use Error-Correcting Code (ECC) memory.

Cisco offers a limited number of products that allow an unprivileged
user to load and execute binaries.

The research report is at the following link:
http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150309-rowhammer


=========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================