A team of security researchers has discovered a new set of techniques that could allow hackers to bypass all kinds of existing mitigations put in place to prevent DMA-based Rowhammer attacks against Android devices.
Dubbed RAMpage, the new technique (CVE-2018-9442) could re-enable an unprivileged Android app running on the victim’s device to take advantage of the previously disclosed Drammer attack, a variant of the DRAM Rowhammer hardware vulnerability for Android devices, in an attempt to gain root privileges on the target device.
You might have already read a few articles about RAMpage on the Internet, or even the research paper, but if you are still unable to understand what the heck RAMpage is, we have summarized the research in language everyone can understand.
Before jumping into the details of RAMpage, it is important to understand what the Rowhammer vulnerability is, how it can be exploited using the Drammer attack to hack Android devices, and what mitigations Google introduced to prevent Drammer.