A DMA attack is a type of side channel attack in computer security, in which an attacker can penetrate a computer or other device, by exploiting the presence of high-speed expansion ports that permit direct memory access (DMA).

Direct Memory Access (DMA) attacks are a powerful class of attack that give read and write access to the memory of a target system, bypassing the main CPU to gain kernel privileges. We became interested in DMA attacks for expanding the toolkit for rooting embedded devices.

Apr 6, 2023 · A successful DMA attack can allow criminals to conduct a wide range of malicious activities, including removing password requirements, extracting encryption keys, escalating privileges, installing backdoors into the system and stealing data.

A DMA attack is a type of cyber attack that exploits computer hardware’s direct memory access capabilities to gain unauthorized entry to a system’s memory. This often allows attackers to bypass normal security measures and directly read, write, or manipulate data stored in the computer’s RAM.

We show that DMA vulnerabili-ties are a deep-rooted issue and it is often the kernel design that enables complex and multistage DMA attacks. This work presents a structured top-down approach to characterize, ex-ploit, and detect them.

The complex vulnerability space for IOMMU-exposed shared memory available to DMA-enabled peripherals allows attackers to extract private data (sniffing cleartext VPN traffic) and hijack kernel control flow (launching a root shell) in seconds using devices such as USB-C …

Jan 30, 2020 · Many devices are likely still vulnerable to DMA attacks, despite the fact that hardware and software vendors have taken steps to prevent such attacks.

Aug 19, 2024 · Researchers have uncovered a critical vulnerability within the Linux kernel’s dmam_free_coherent () function. This flaw, identified as CVE-2024-43856, stems from a race condition caused by the improper order of operations when freeing Direct Memory Access (DMA) allocations and managing associated resources.

An in-depth look at CVE-2024-39277, which addresses a high-severity vulnerability in the Linux kernel's DMA mapping, discussing its implications for system security and stability.

We show that DMA vulnerabilities are a deep-rooted issue and it is often the kernel design that enables complex and multistage DMA attacks. This work presents a structured top-down approach to characterize, exploit, and detect them.