Cyberattack exploiting high-speed expansion ports

A DMA attack is a type of side channel attack in computer security, in which an attacker can penetrate a computer or other device, by exploiting the presence of high-speed expansion ports that permit direct memory access (DMA).

DMA is included in a number of connections, because it lets a connected device (such as a camcorder, network card, storage device or other useful accessory or internal PC card) transfer data between itself and the computer at the maximum speed possible, by using direct hardware access to read or write directly to main memory without any operating system supervision or interaction. The legitimate uses of such devices have led to wide adoption of DMA accessories and connections, but an attacker can equally use the same facility to create an accessory that will connect using the same port, and can then potentially gain direct access to part or all of the physical memory address space of the computer, bypassing all OS security mechanisms and any lock screen, to read all that the computer is doing, steal data or cryptographic keys, install or run spyware and other exploits, or modify the system to allow backdoors or other malware.

Preventing physical connections to such ports will prevent DMA attacks. On many computers, the connections implementing DMA can also be disabled within the BIOS or UEFI if unused, which depending on the device can nullify or reduce the potential for this type of exploit.

Examples of connections that may allow DMA in some exploitable form include FireWire, CardBus, ExpressCard, Thunderbolt, USB 4.0, PCI, PCI-X, and PCI Express.

In modern operating systems, non-system (i.e. user-mode) applications are prevented from accessing any memory locations not explicitly authorized by the virtual memory controller (called memory management unit (MMU)). In addition to containing damage that may be caused by software flaws and allowing more efficient use of physical memory, this architecture forms an integral part of the security of the operating system. However, kernel-mode drivers, many hardware devices, and user-mode vulnerabilities allow direct, unimpeded access of the physical memory address space.
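Deciding which connections can be disabled in BIOS or UEFI, as described above, starts with knowing which DMA-capable port controllers a machine actually has. The following Python script is an added example, not part of the original article: it assumes a Linux host that exposes PCI class codes under /sys/bus/pci/devices, recognises only FireWire, CardBus and USB4 controllers (Thunderbolt and ExpressCard have no PCI class of their own), and uses constructed sample data when no sysfs tree is readable.

```python
import glob
import os

# PCI (base class, subclass) pairs for controllers behind ports the article lists.
# Thunderbolt and ExpressCard have no dedicated PCI class and are not detected here.
PORT_CLASSES = {(0x0C, 0x00): "FireWire", (0x06, 0x07): "CardBus"}
USB_CLASS, USB4_PROG_IF = (0x0C, 0x03), 0x40  # USB controller, USB4 host interface

def classify(class_code):
    """Map a 24-bit PCI class code (e.g. 0x0c0010) to a port name, or None."""
    base = (class_code >> 16) & 0xFF
    sub = (class_code >> 8) & 0xFF
    prog_if = class_code & 0xFF
    if (base, sub) == USB_CLASS:
        # Older USB host controllers share the class; only USB4 is flagged.
        return "USB 4.0" if prog_if == USB4_PROG_IF else None
    return PORT_CLASSES.get((base, sub))

def audit(devices):
    """devices maps PCI address -> sysfs class string; returns [(address, port)]."""
    findings = []
    for addr, raw in sorted(devices.items()):
        try:
            port = classify(int(raw.strip(), 16))
        except ValueError:
            continue  # malformed class value, skip rather than abort the audit
        if port:
            findings.append((addr, port))
    return findings

def read_sysfs(root="/sys/bus/pci/devices"):
    """Collect the class file of every PCI device the kernel enumerated."""
    devices = {}
    for path in glob.glob(os.path.join(root, "*", "class")):
        try:
            with open(path) as fh:
                devices[os.path.basename(os.path.dirname(path))] = fh.read()
        except OSError:
            continue
    return devices

# Constructed sample (not from a real machine) for running without sysfs.
SAMPLE = {
    "0000:00:0d.2": "0x0c0340\n", "0000:00:14.0": "0x0c0330\n",
    "0000:01:00.0": "0x030000\n", "0000:05:00.0": "0x0c0010\n",
    "0000:06:00.0": "0x060700\n", "0000:07:00.0": "unreadable\n",
}

if __name__ == "__main__":
    for addr, port in audit(read_sysfs() or SAMPLE):
        print(f"{addr}: {port} controller present; disable in firmware if unused")
```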