Bug 1812088 (CVE-2020-10255, TRRespass)
Summary: | CVE-2020-10255 hw: dram: circumvent TRR to induce bit flips via Rowhammer | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Prasad Pandit <ppandit> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | acaringi, airlied, bhu, brdeoliv, bskeggs, dhoward, dvlasenk, fhrbata, hdegoede, hkrzesin, ichavero, itamar, jarodwilson, jeremy, jforbes, jglisse, john.j5live, jonathan, josef, jshortt, jstancek, jwboyer, kernel-maint, kernel-mgr, labbott, linville, masami256, mchehab, mjg59, nmurray, rvrbovsk, security-response-team, steved |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Known Issue | |
Doc Text: |
A Rowhammer flaw was found in latest DDR4 DRAM hardware chips. These chips implement Target Row Refresh (TRR) mitigation to prevent a Rowhammer flaw-induced bit corruption across memory space. An unprivileged system user may leverage this flaw and use Rowhammer attack variants to induce bit corruptions across memory space, potentially resulting in a denial of service or privileges escalation scenarios. The highest threat from this vulnerability is to system availability.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2020-03-10 16:32:03 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1802937 |
Description
Prasad Pandit
2020-03-10 14:02:21 UTC
External References: https://access.redhat.com/articles/1377393 https://www.vusec.net/projects/trrespass https://download.vusec.net/papers/trrespass_sp20.pdf This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-10255 Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability. Statement: This hardware issue cannot be fixed via usual software updates. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/articles/1377393. |