Hacker News new | past | comments | ask | show | jobs | submit login

Xen has had page-table and interrupt vector related security vulnerabilities. But I don't think EC2 would use non-ECC RAM, so I don't think it's vulnerable to this "rowhammer" technique. (I also don't think EC2 would do cross-VM page deduplication, another necessary condition.)



Perhaps we need more certainty than just "think"?

That AWS don't boast that they are not susceptible to this suggests that perhaps at least some of their setup is?


The EC2 FAQ [0] states:

"In our experience, ECC memory is necessary for server infrastructure, and all the hardware underlying Amazon EC2 uses ECC memory."

While ECC does apparently not completely mitigate Rowhammer, it helps.

[0] https://aws.amazon.com/ec2/faqs/




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: