News

RAMpage vulnerability on all Android Devices since 2012

Looks like a potential security vulnerability exploiting a hardware bug that allows Android apps to potentially full access of the device and its data. Although this attack has only been reproduced on a few Android devices and not consistently, researchers suspect the exploit to affect all Android phone since 2012 and potentially also Apple devices, VMs and PCs. There is already a proposed mitigation fix that has been suggested by the researcher that found this bug and Google is currently testing to see the performance impact that it may bring to day to day use. We do also want to stress that the likelihood of a large scale attack using this vulnerability is low. This is not an easy vulnerability to exploit. Regardless, keep an eye out for a fix for CVE-2018-9442.

Source: Bleepingcomputers, Ars Technica