[ad_1]
The researchers found a new variant of the Rowhammer attack that they called RAMpage. The vulnerability could allow a cybercriminal to create an exploit to gain full control over Android devices. The fault affects androids manufactured since 2012.
RAMpage is another variant of Rowhammer that has appeared since 2015, when researchers identified the defect of DRAM memory in laptops and PCs.
The Rowhammer variant was revealed Thursday by a team of eight academics from four universities and two private companies, who published a technical analysis of vulnerability.
This same team of experts has successfully replicated this vulnerability in an LG G4. any phone manufactured since 2012 is potentially exposed to the danger of this error in the system. It's the latter, precisely, that makes vulnerability visible because it immediately affects millions of smartphones around the world.
In 2016, researchers discovered how Rowhammer's PC attack technique could be applied to Android devices and granting an attacker root access to millions of Android devices, including Nexus, Samsung , LG and Motorola.
The latest version, RAMpage, works in a similar way. It is targeting a generic Android generic memory management system called ION introduced by Google in 2011 as part of Android 4.0.
How to Protect Yourself
The good news is that the researchers also released a tool called Guardion, a "Prevent an attacker from modifying critical data structures by carefully applying a new privacy policy."
Although Guardion is not yet implemented in the operating systems, constant efforts are being made to do so as quickly as possible. . The Guardion source code is available as a patch for the Android kernel. "Currently, the fix is not available and has only been tested for Google Pixel, with Android 7.1.1 (Nougat).
Source link
