COSIC researcher Jesse De Meulemeester presented "#BadRAM: Practical Memory Aliasing Attacks on Trusted Execution Environments" at IEEE SSP in San Francisco.
https://sp2025.ieee-security.org/program.html
🔗Badram website: https://badram.eu/
#badram
Today Jesse De Meulemeester will present "BadRAM: Practical Memory Aliasing Attacks on Trusted Execution Environments" at IEEE SSP in San Francisco.
https://sp2025.ieee-security.org/program.html
#badram #ieeessp
BadRAM - Breaching Processor Security via Rogue Memory Modules: info and demo on https://badram.eu/
Security Week 2451: атака BadRAM на процессоры AMD
На прошлой неделе исследователи из университетов Бельгии, Германии и Великобритании продемонстрировали необычную аппаратную атаку, эксплуатирующую уязвимость в процессорах AMD. Хотя это и сложная атака, при некоторых условиях она может представлять интерес, так как позволяет обойти новейшие средства защиты данных при использовании виртуализации. Практическая реализация атаки предполагает модификацию так называемого чипа SPD на модуле оперативной памяти, в котором прописаны параметры этого модуля. Таким образом атакующие могут сообщить процессору, что объем планки памяти в два раза больше, чем на самом деле, например, 32 гигабайта вместо 16. Таким образом можно перенаправить поток данных от «защищенной» виртуальной ОС в руки потенциального злоумышленника.
#BadRAM: Historischer Seitenkanal hebelt RAM-Verschlüsselung aus | c't Magazin https://www.heise.de/news/BadRAM-Historischer-Seitenkanal-hebelt-Confidential-Computing-in-der-Cloud-aus-10193941.html
AMD's Secure Encrypted Virtualization (SEV) technology faces a serious threat! 🛡️ Researchers have revealed a $10 attack that can bypass its defenses, potentially compromising cloud security. This "BadRAM" technique manipulates memory to expose sensitive data. 😱💻 Major cloud providers like AWS and Google Cloud could be affected. Stay informed! #CyberSecurity #AMD #CloudComputing #BadRAM #newz
https://www.theregister.com/2024/12/10/amd_secure_vm_tech_undone/
🚨 Security Alert! Researchers uncover critical vulnerability in AMD's Secure Encrypted Virtualization (SEV) tech 🖥️ Hackers can potentially exploit memory aliasing to infiltrate devices using a technique called #BadRAM 🕵️ AMD issued CVE-2024-21944 advisory - update your systems! 🛡️ #CyberSecurity #TechNews #newz
International research team uncovers vulnerability in cloud server security
#badram #cosic #kuleuven
https://nieuws.kuleuven.be/en/content/2024/vulnerability-in-cloud-server-security-badram
#BadRAM: Tampering with DRAM modules allows attackers to bypass SEV-SNP's write protection and forging attestation reports, breaking all trust in
#SEV-SNP
https://badram.eu/
Research by COSIC KU Leuven, the University of Lübeck, and the University of Birmingham
#BadRAM / #CVE_2024_21944 #vulnerability seems quite far fetched to me. If your trust model includes #AMDSEV you hopefully also have assurances of physical security.
https://arstechnica.com/information-technology/2024/12/new-badram-attack-neuters-security-assurances-in-amd-epyc-processors/
AMD’s trusted execution environment blown wide open by new BadRAM attack #BadRAM #AMD https://arstechnica.com/information-technology/2024/12/new-badram-attack-neuters-security-assurances-in-amd-epyc-processors/
Any idea what could be causing this?
It's very random, sometimes it doesn't happen for weeks, sometimes it happens every few days.
I only use this machine for web browsing.
32 gb of Ram
Linux Mint 22 Cinnamon
I reckon it's a ram issue but could it be the graphics card?
Bugs really, REALLY <3 me: https://www.youtube.com/watch?v=0YcSt5148yQ Halt & Catch Fire. 64-bit #GRUB2 crashes if one specifies a #memtest86+ supplied #badram address! :-/
Client Info
Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst