Flipping heck! Virtual machines hijacked via bit-meddling Feng Shui

Flip Feng Shui, quicker than the human eye

By Iain Thomson in San Francisco

Posted in Virtualization, 12th August 2016 23:50 GMT

Security researchers at the Vrije Universiteit in Amsterdam have found a way to subvert virtual machines using a combination of hardware and software shenanigans. The end result is the ability to flip bits in another VM's memory to weaken its encryption or mess with its operation.

The attack, dubbed Flip Feng Shui, works by spinning up a virtual machine on a Linux-powered host, and filling a page of memory in the VM with data that's identical to a page in the victim's virtual machine.

So now you have two pages in the host's memory that are the same. Then along comes Linux's Kernel Samepage Merging feature, which deduplicates the two pages into one, so only one copy is physically held in the host server's RAM, but it still appears in each VM's memory map.

The next stage is to run a Rowhammer attack. This technique, demonstrated by Google engineers last year, involves rapidly writing and rewriting data to flip bits in adjacent memory locations. This works by forcing capacitor errors in the DRAM chips, and is successful even in newer DDR4 RAM sticks [PDF].

Using the Flip Feng Shui technique [PDF], the researchers successfully spammed the memory near the aforementioned deduplicated page in one virtual machine to flip the bits in the other guest machine. By doing this, they were able to weaken OpenSSH keys in Debian and Ubuntu systems.

In a second, they managed to alter the URL used by the operating system's package management tool so that it searched for software updates from a different server, allowing the injection of malware into the system during the next update. They also flipped the correct bits in the crypto-keys used to verify the authenticity of packages, so that the package manager would trust the dodgy software downloaded from the attacker-controlled repository.

Despite the proofs of concept, this is not going to be a simple attack. Getting corresponding memory pages is going to take a lot of trial and error and it does depend on having susceptible hardware.

Nevertheless, the team has had a lot of success with similar attacks. They won a Pwnie Award this year at the Black Hat security conference in Las Vegas for Most Innovative Research after using similar deduplication attacks against Windows. ®

Sign up to our NewsletterGet IT in your inbox daily


More from The Register

US-CERT study predicts machine learning, transport systems to become security risks

You've been warned

S for Security is Google owner Alphabet's new favorite letter

The plan is to throw the cloud at data collection and analysis, to produce alerts that matter

Google Assistant clears its throat, very weird 'machine IQ' tests, new AMD chip – plus more

AI Roundup DeepMind reminded neural net dev work is expensive

Hash of the Titan: How Google bakes security all the way into silicon

Locking down servers and cloud with this itty-bitty chip

Feds may have to explain knowledge of security holes – if draft law comes into play

House reps approve bill requiring vuln disclosure reports

Google isn't saying Microsoft security sucks but Chrome for Windows has its own antivirus

ESET scanning engine now built in – plus other defenses

Who wants multiple virtual workstations on a GPU in a blade server?

NVIDIA reckons engineering types do, so it's cut a new GPU and software to carve it up

OpenStack Foundation starts scoping machine learning enhancements

OPENSTACK SYDNEY Users want it and NVIDIA's already sniffing around

Another AI attack, this time against 'black box' machine learning

The difference between George Clooney and Dustin Hoffman? Just a couple of pixels

Google Research opens machine intelligence base in Zurich

'Mountain Views of a different kind' quips gros fromage