Flip Feng Shui - Rowhammering the VM's Isolation

Explore a Black Hat conference talk that delves into the Flip Feng Shui attack, demonstrating how an attacker's virtual machine can exploit Rowhammer vulnerabilities to compromise the isolation of other VMs on the same host. Learn about memory duplication, copy-on-write mechanisms, and physical memory manipulation techniques used in this attack. Understand the basics of RSA cryptography and how it relates to the exploit. Examine specific attack scenarios targeting OpenSSH, page tables, inodes, and input passwords. Watch a video demonstration of the attack and discuss its implications for VM security. Gain insights into the apt package manager's keyring system and how bit flips can be leveraged in this context. Conclude with a Q&A session addressing the reception and broader impact of this research on virtualization security.

Introduction
Who are we
Outline
Flippin
How does it work
Memory duplication
Copyonwrite
Physical Memory
Flipping
RSA Basics
Recap
What to Attack
OpenSSH Attack
Attack 1 Page Tables
Attack 2 I Nodes
Attack 3 Input Password
Attack 3 Original Authors
Attack 3 Binary Representation
How apt works
apt keyring
bit flips
video demo
Reception
Conclusions
Question