204 matches found
EUVD-2024-17292
Malicious code in bioql PyPI...
EUVD-2022-46016
Malicious code in bioql PyPI...
EUVD-2024-46524
Malicious code in bioql PyPI...
CVE-2025-6202
Vulnerability in SK Hynix DDR5 on x86 allows a local attacker to trigger Rowhammer bit flips impacting the Hardware Integrity and the system's security. This issue affects DDR5: DIMMs produced from 2021-1 until 2024-12...
Phoenix RowHammer Attack Bypasses Advanced DDR5 Memory Protections in 109 Seconds
A team of academics from ETH Zürich and Google has discovered a new variant of a RowHammer attack targeting Double Data Rate 5 DDR5 memory chips from South Korean semiconductor vendor SK Hynix. The RowHammer attack variant, codenamed Phoenix CVE-2025-6202, CVSS score: 7.1, is capable of bypassing...
SLasH-DSA: Breaking SLH-DSA Using an Extensible End-To-End Rowhammer Framework
As quantum computing advances, PQC schemes are adopted to replace classical algorithms. Among them is the SLH-DSA that was recently standardized by NIST and is favored for its conservative security foundations. In this work, we present the first software-only universal forgery attack on SLH-DSA,...
CVE-2025-6202
Vulnerability in SK Hynix DDR5 on x86 allows a local attacker to trigger Rowhammer bit flips impacting the Hardware Integrity and the system's security. This issue affects DDR5: DIMMs produced from 2021-1 until 2024-12...
CVE-2025-6202
CVE-2025-6202 Phoenix Rowhammer is a hardware-level vulnerability in SK Hynix DDR5 modules (manufactured 2021–2024) that allows a local attacker to trigger memory row bit flips. The issue bypasses protection such as TRR, exploiting defined “blind zones” (e.g., after 128 and 2,608 tREFI updates) w...
CVE-2025-6202 Phoenix: Rowhammer attack on Hynix DDR5 devices
Vulnerability in SK Hynix DDR5 on x86 allows a local attacker to trigger Rowhammer bit flips impacting the Hardware Integrity and the system's security. This issue affects DDR5: DIMMs produced from 2021-1 until 2024-12...
CVE-2025-6202 Phoenix: Rowhammer attack on Hynix DDR5 devices
Vulnerability in SK Hynix DDR5 on x86 allows a local attacker to trigger Rowhammer bit flips impacting the Hardware Integrity and the system's security. This issue affects DDR5: DIMMs produced from 2021-1 until 2024-12...
PT-2025-37707
Name of the Vulnerable Software and Affected Versions SK Hynix DDR5 versions produced from January 2021 through December 2024 Description A vulnerability exists in SK Hynix DDR5 memory, allowing a local attacker to trigger Rowhammer bit flips, impacting hardware integrity and system security. The...
SK Hynix DDR5 安全漏洞
SK Hynix DDR5 is a double data rate synchronous dynamic random access memory from SK Hynix South Korea. A security vulnerability exists in SK Hynix DDR5 versions 2021-1 through 2024-12, which originates from a local attacker who can trigger a Rowhammer bit flip, potentially impacting hardware...
Phoenix: Rowhammer Attacks on DDR5 Memory
Mitigation AMD released updated Platform Initialization PI packages to the Original Equipment Manufacturers OEM for AMD Ryzen™ Series processors. These updates allow customers to enable Mixed Refresh Mode, which is an existing DRAM workaround to rowhammer-style attacks. Please contact your OEM fo...
Thunderhammer: Rowhammer Bitflips Via PCIe and Thunderbolt (USB-C)
In recent years, Rowhammer has attracted significant attention from academia and industry alike. This technique, first published in 2014, flips bits in memory by repeatedly accessing neighbouring memory locations. Since its discovery, researchers have developed a substantial body of work exploiti...
Schrodinger'S Toolbox: Exploring the Quantum Rowhammer Attack
Residual cross-talk in superconducting qubit devices creates a security vulnerability for emerging quantum cloud services. We demonstrate a Clifford-only Quantum Rowhammer attack-using just X and CNOT gates-that injects faults on IBM's 127-qubit Eagle processors without requiring pulse-level...
Linux Distros Unpatched Vulnerability : CVE-2022-42961
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in wolfSSL before 5.5.0. A fault injection attack on RAM via Rowhammer leads to ECDSA key disclosure. Users performing signing operation...
Linux Distros Unpatched Vulnerability : CVE-2015-0565
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible. CVE-2015-0565 Note that Nessus relies on the presence of the package as reporte...
PRACtical: Subarray-Level Counter Update and Bank-Level Recovery Isolation for Efficient PRAC Rowhammer Mitigation
As DRAM density increases, Rowhammer becomes more severe due to heightened charge leakage, reducing the number of activations needed to induce bit flips. The DDR5 standard addresses this threat with in-DRAM per-row activation counters PRAC and the Alert Back-Off ABO signal to trigger mitigation...
GPUHammer: New RowHammer Attack Variant Degrades AI Models on NVIDIA GPUs
NVIDIA is urging customers to enable System-level Error Correction Codes ECC as a defense against a variant of a RowHammer attack demonstrated against its graphics processing units GPUs. "Risk of successful exploitation from RowHammer attacks varies based on DRAM device, platform, design...
GPUHammer: Rowhammer Attacks on GPU Memories Are Practical
Rowhammer is a read disturbance vulnerability in modern DRAM that causes bit-flips, compromising security and reliability. While extensively studied on Intel and AMD CPUs with DDR and LPDDR memories, its impact on GPUs using GDDR memories, critical for emerging machine learning applications,...