It appears that the latest Android devices may be exposed to a newly discovered vulnerability called RAMpage. The vulnerability is a variation of the Rowhammer attack that affects dynamic random access memory (DRAM).
RAMpage is similar to the Rowhammer vulnerability
The Android vulnerability was made public through a research article published by a team made up of members of universities and private companies. According to those involved, RAMpage is “a set of DMA-based Rowhammer attacks against the latest Android operating system, consisting of:
(1) a root exploit,
(2) a series of app-to-app exploit scenarios that avoid all defences”.
The team has not only demonstrated that RAMpage exists, but has also exposed a problem with GuardION. GuardION serves as a “light defence function that prevents attacks based on DMA, the main attack vector of mobile devices, by isolating DMA buffers with rows of guards”. Unfortunately, GuardION is not a complete solution and cannot do anything about RAMpage, as the team details that “it only reinforces the fact that DMA-based Rowhammer attacks can no longer flip bits in another processor kernel memory”, which means that other Rowhammer techniques can still be used to violate the security of Android-based mobile phones.
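The guard-row isolation quoted above, as a toy model. This is an added example, not code from the article or from GuardION: the 64-row bank, the row numbers and the function names are hypothetical, and it assumes a hammered row can only disturb rows within a fixed distance of it.

```c
#include <stdio.h>

/* Toy model (assumption): row i is physically adjacent to rows i-1 and i+1. */
#define NROWS 64
enum owner { OTHER, DMA, GUARD };   /* OTHER = kernel or another app's data */
static enum owner rows[NROWS];

/* Reset the bank: every row initially holds non-DMA data. */
static void reset_bank(void) {
    for (int i = 0; i < NROWS; i++) rows[i] = OTHER;
}

/* Place a DMA buffer of len rows at start, padded on both sides with
 * `guard` unused rows. Returns rows consumed, or -1 if it does not fit. */
static int place_dma(int start, int len, int guard) {
    int lo = start - guard, hi = start + len + guard;   /* region [lo, hi) */
    if (len <= 0 || guard < 0 || lo < 0 || hi > NROWS) return -1;
    for (int i = lo; i < hi; i++)
        if (rows[i] != OTHER) return -1;   /* overlaps an earlier placement */
    for (int i = lo; i < hi; i++)
        rows[i] = (i >= start && i < start + len) ? DMA : GUARD;
    return hi - lo;
}

/* Count OTHER rows within `dist` rows of any DMA row: the rows the owner
 * of a DMA buffer could disturb by hammering it, under this model. */
static int exposed_rows(int dist) {
    int exposed = 0;
    for (int v = 0; v < NROWS; v++) {
        if (rows[v] != OTHER) continue;
        int hit = 0;
        for (int d = 1; d <= dist && !hit; d++)
            hit = (v - d >= 0 && rows[v - d] == DMA) ||
                  (v + d < NROWS && rows[v + d] == DMA);
        exposed += hit;
    }
    return exposed;
}

int main(void) {
    reset_bank(); place_dma(20, 4, 0);
    printf("no guard rows, distance 1: %d exposed\n", exposed_rows(1));
    reset_bank(); place_dma(20, 4, 1);
    printf("1 guard row,   distance 1: %d exposed\n", exposed_rows(1));
    printf("1 guard row,   distance 2: %d exposed\n", exposed_rows(2));
    return 0;
}
```

The last case shows the limit of the model's guarantee: the guard width has to cover the assumed disturbance distance, and each buffer costs two guard regions of otherwise unusable rows.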
The team is in the process of sharing its findings with Google in the hope that better software defences can be implemented in future versions of the Android operating system.
This makes us realize how vulnerable mobile phones connected to the Internet are. Worst of all, at this very moment, any phone could be affected by security issues that are not even known or have not yet been discovered.