Rowhammer.js: Root privileges for web apps?

A tale of fault attacks on DRAM and attacks on CPU caches

Clémentine Maurice and Daniel Gruss

Playlists: '32c3' videos starting here / audio / related events

"Insanity: doing the same thing over and over again and expecting different results."
Albert Einstein - Who did not live long enough to see Rowhammer

Recent studies have found that repeated accesses to DRAM rows can cause random bit flips, resulting in the so called Rowhammer vulnerability. We present Rowhammer.js, the first remote software-induced hardware-fault attack, from JavaScript. We also extend our presentation with an overview of cache side-channel attacks, that use the same technique to evict data from the cache.


These files contain multiple languages.

This Talk was translated into multiple languages. The files available for download contain all languages as separate audio-tracks. Most desktop video players allow you to choose between them.

Please look for "audio tracks" in your desktop video player.