A “Row-hammer” attack exploits a physical problem that exists in RAM where an attacker can actually cause bit-flips in DRAM memory. This has already been exploited and attacks successfully gained kernel privileges. Researchers have taken this a step further and, by exploiting a Host kernel feature known as “memory de-duplication”, can flip bits in a controller manner allowing authentication to a victim’s Client Virtual Machine running on the same Host.
The exploit takes advantage of the Host O/S using a Linux feature known as KSM (Kernel Shared Memory, also called Kernel Samepage Merging). For efficiency, most cloud-based Virtual Machines run Linux-based Operating Systems on the Host machine and by default, KSM is enabled.
The following document is a great overview of the attack mechanism and source-code links are provided. Even if you have no interest in the attack itself, the article provides a great look into how memory controllers handle RAM; Channels, Ranks, Banks, Columns, and Rows:
Attacking a co-hosted VM: A hacker, a hammer and two memory modules
The moral of the story? Don’t put stuff in the cloud that you can’t afford to lose or be exploited.