oss-sec mailing list archives

Re: Re: [EXT] Re: [oss-security] CVE-2023-51767: a bogus CVE in OpenSSH


From: Peter Gutmann <pgut001 () cs auckland ac nz>
Date: Wed, 24 Sep 2025 11:45:23 +0000

Jacob Bachmeyer <jcb62281 () gmail com> writes:

> The critical issue for exploiting Rowhammer to corrupt spilled register
> values seems to be how long those spilled values remain live in DRAM before
> they are reloaded into the register file and ultimately used.

It also depends on whether they're ever actually read back from RAM or just
end up sitting in cache for a microsecond or two before they're re-fetched
from there.  There are some attacks that exploit the difference between
(glitched) data in RAM and data in cache, but in this case it'd mitigate
Rowhammer by having the corrupted data in RAM ignored if it's still in cache.

Peter.
