It looks like newer Android devices could be exposed to a newly discovered vulnerability called RAMpage. The vulnerability is a variation of the Rowhammer attack, which affects dynamic random-access memory (DRAM).
The Android vulnerability was made public through a research paper published by a team that is made up of members from universities as well as private companies. According to those involved, RAMpage is "a set of DMA-based Rowhammer attacks against the latest Android OS, consisting of (1) a root exploit, and (2) a series of app-to-app exploit scenarios that bypass all defenses."
The team hasn't just shown the world that RAMpage exists; it has also proposed a countermeasure called GuardION. GuardION is "a lightweight defense that prevents DMA-based attacks—the main attack vector on mobile devices—by isolating DMA buffers with guard rows." Unfortunately, GuardION is not a complete solution, as the team details that it "only enforces that DMA-based Rowhammer attacks can no longer flip bits in another process or kernel memory", meaning that other Rowhammer techniques are still possible.
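A toy model of the guard-row idea quoted above, added here as an illustration and not taken from the GuardION paper or its code. It assumes that hammering a row can only disturb rows within one row of it; `BLAST_RADIUS`, `layout` and `exposed_rows` are hypothetical names.

```python
# Constructed toy model of guard-row isolation; not GuardION's implementation.
# Assumption: an aggressor row can only disturb rows within BLAST_RADIUS of it.
BLAST_RADIUS = 1


def layout(n_rows, dma_start, dma_len, guard_rows):
    """Build a row-ownership map: 'dma', 'guard' (left empty) or 'system'
    (kernel and other processes' data)."""
    if dma_start < 0 or dma_start + dma_len > n_rows:
        raise ValueError("DMA region does not fit in the modelled bank")
    rows = ["system"] * n_rows
    first, last = dma_start, dma_start + dma_len - 1
    for r in range(first, last + 1):
        rows[r] = "dma"
    # Reserve guard rows on both sides of the DMA region, where they exist.
    for g in range(1, guard_rows + 1):
        for r in (first - g, last + g):
            if 0 <= r < n_rows:
                rows[r] = "guard"
    return rows


def exposed_rows(rows, aggressor="dma"):
    """Rows holding system data that lie within the blast radius of any row
    owned by `aggressor`."""
    exposed = set()
    for a, owner in enumerate(rows):
        if owner != aggressor:
            continue
        for d in range(1, BLAST_RADIUS + 1):
            for v in (a - d, a + d):
                if 0 <= v < len(rows) and rows[v] == "system":
                    exposed.add(v)
    return sorted(exposed)


if __name__ == "__main__":
    unguarded = layout(16, dma_start=6, dma_len=4, guard_rows=0)
    guarded = layout(16, dma_start=6, dma_len=4, guard_rows=BLAST_RADIUS)
    print("no guard rows  :", exposed_rows(unguarded))
    print("with guard rows:", exposed_rows(guarded))
    print("rows spent on guards:", guarded.count("guard"))
    # Rows outside the DMA region still neighbour each other, so the model
    # shows no protection against an aggressor that is not a DMA buffer.
    print("non-DMA aggressor still reaches:", exposed_rows(guarded, "system"))
```

In this model the guard rows absorb every disturbance that originates in the DMA region, at the cost of two unused rows, while rows outside the region remain mutually adjacent.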
The team is in the process of sharing their findings with Google in hopes that better software defenses can be implemented in future versions of the Android OS.
Source: Victor van der Veen via BleepingComputer | Image via BleepingComputer