Behind the Curtain
At the other end of the spectrum is the Rowhammer vulnerability, which could potentially be used to gain kernel privileges on multiple systems. According to SecurityWeek, the bug depends on a physical property of certain dynamic random-access memory (DRAM) chips. When placed close together in an effort to increase capacity by decreasing size, it’s possible for attackers to force electrical interactions between cells, in turn causing unwanted bit flips. Repeatedly accessing the same memory location, or hammering on a row of chips, can be used for targeted privilege escalation.
First discovered in March by a team of Google researchers, the flaw was fairly limited in scope since a successful attack required native code, special instructions and physical access to the target. Now, researchers from Austria and France have packaged Rowhammer into a .JS file that bypasses all of these requirements; in theory, it could now be launched against multiple users from a single compromised website.