pavelmachek (pavelmachek) wrote,
pavelmachek
pavelmachek

Happy Easter from DRAM vendors

DRAM in about 50% of recent notebooks (and basically 50% of machines without ECC) is so broken it is exploitable. You can get root from normal user account (and more). But while everyone and their dog wrote about heartbleed and bash bugs, press did not notice yet. I guess it is because the vulnerability does not yet have a logo?

I propose this one:

           +==.
           |   \                                                                                     
  +---+    +====+
 -+   +-     ||
  |DDR|      ||
 -+   +-     ||
  +---+      ||


Memory testing code is at github. Unfortunately, Google did not publish list of known bad models. If you run a test, can you post the results in commments? My thinkpad X60 is not vulnerable, my Intel(R) Core(TM)2 Duo CPU     E7400 -based desktop (with useless DMI information, so I don't know who made the board) is vulnerable.
Subscribe
  • Post a new comment

    Error

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 1 comment