• Every Android Device Since 2012 Impacted by RAMpage Vulnerability

    Home » Forums » AskWoody support » Non-Windows operating systems (Chromebooks/Android) » Android » Every Android Device Since 2012 Impacted by RAMpage Vulnerability

    Tags:

    Author
    Topic
    Kirsty
    Manager
    June 28, 2018 at 11:05 pm #200375

    Every Android Device Since 2012 Impacted by RAMpage Vulnerability

    By Catalin Cimpanu | June 28, 2018

     
    Almost all Android devices released since 2012 are vulnerable to a new vulnerability named RAMpage, an international team of academics has revealed today.

    The vulnerability, tracked as CVE-2018-9442, is a variation of the Rowhammer attack.

    Rowhammer is a hardware bug in modern memory cards. A few years back researchers discovered that when someone would send repeated write/read requests to the same row of memory cells, the write/read operations would create an electrical field that would alter data stored on nearby memory.

    In the following years, researchers discovered that Rowhammer-like attacks affected personal computers, virtual machines, and Android devices. Through further researcher, they also found they could execute Rowhammer attacks via JavaScript code, GPU cards, and network packets.

    RAMpage is the latest Rowhammer attack variation…
    RAMpage may also impact Apple devices, PCs, and VMs…
    Every Android device released in the past 6 years is affected

     
    Read the full article here

    3 users thanked author for this post.
    SueW, HiFlyer, Elly
    Reply | Quote
    Viewing 0 reply threads
    Author
    Replies
    • Kirsty
      Manager
      June 29, 2018 at 3:13 pm #200483

      Researchers Devise Rowhammer Attacks Against Latest Android Versions
      By Ionut Arghire | June 29, 2018

       
      A team of researchers from universities worldwide have devised a new set of DMA-based Rowhammer attacks against the latest Android OS, along with a lightweight defense to prevent such attacks on ARM-based devices.

      Rowhammer is a vulnerability impacting dynamic random-access memory (DRAM) chips that can be abused to gain kernel privileges on Linux systems. Discovered in 2012 but documented only in 2014, the bug can also be exploited remotely using JavaScript or via graphics processing units (GPUs)

      Rowhammer is a hardware bug that “consists of the leakage of charge between adjacent memory cells on a densely packed DRAM chip.” This means that, when a row of bits in the DRAM module is used, the neighboring rows are slightly affected, and attackers can abuse this to completely subvert a system’s security.

      The researchers are in the process of submitting the patch to Google for adoption.

       
      Read the full article here

      Reply | Quote
    Viewing 0 reply threads
    Reply To: Every Android Device Since 2012 Impacted by RAMpage Vulnerability

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    May 2025
    S M T W T F S
     123
    45678910
    11121314151617
    18192021222324
    25262728293031

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.