Home / Technology / RAMpage, a vulnerability affecting all Android smartphones manufactured after 2012

RAMpage, a vulnerability affecting all Android smartphones manufactured after 2012

Researchers found a new variant of the Rowhammer attack that they have called RAMpage. Vulnerability can allow a cybercriminal to exploit to gain full control over Android devices. The error affects Androids manufactured since 2012.

RAMpage is another of the Rowhammer variants that came to 2015 when researchers identified the defect in DRAM memory in laptops and computers.

The latter Rowhammers variant was revealed on Thursday by a team of eight academics from four universities and two private companies, which published a technical breakdown of vulnerability.

The same experts managed to replicate this vulnerability in an LG G4 and claim that all phones made since 2012 may potentially be exposed to the risk of this error in the system. This is precisely what makes vulnerability noticeable because it immediately affects millions of smartphones in the world.

In 2016, researchers discovered how Rowhammer's computer-based attack technology could be applied to Android devices and allow access to millions of Android devices, including Nexus, Samsung, LG, and Motorola.

The latest version, RAMpage, works the same way. It targets a generic generic generic memory management system, called ION, introduced by Google in 2011 as part of Android 4.0.

How to Protect Yourself

The good news is that researchers have also released a tool called Guardion, a software exactly against this type of attack. "Prevents an attacker from changing the critical data structures by carefully applying a new privacy policy."

Although Guardion has not yet been implemented in operating systems, it is constant to do it as soon as possible. . The Guardion source code is available as a correction file for the Android kernel. "Currently, the patch is not available and has only been tested for Google Pixel, with Android 7.1.1 (Nougat).

Source link