
Rowhammer Evolves into RAMpage Exploit, Targeting Android Phones Since 2012

This week researchers demonstrated that most Android phones released since 2012 are still vulnerable to the RAMpage attack.

In 2012, security researchers identified a bug in modern DRAM (dynamic random access memory) chips that could lead to memory corruption.

In 2015, Google Project Zero researchers demonstrated “rowhammer”, a working exploit of this attack providing privilege escalation on vulnerable Linux and Windows systems. In 2016, researchers at VUSec published Drammer, demonstrating that the rowhammer technique could be used to gain root on Android devices. Google scrambled to fix the vulnerability in 2016, but this week researchers demonstrated that those fixes are incomplete and most Android phones released since 2012 are still vulnerable to the latest iteration of the attack, known as RAMpage. Since this is a hardware vulnerability, it is very difficult to retroactively “fix.”

The problem results from memory chips that leverage very small internal data paths to maximize “speed.” While we may want to ensure that computer memory is consistent and free from corruption, the physics involved at this tiny memory scale have unintended consequences.

As written in the original academic paper, “[…] as DRAM process technology scales down to smaller dimensions, it becomes more difficult to prevent DRAM cells from electrically interacting with each other. […] By reading from the same row in DRAM, we show that it is possible to corrupt data in nearby addresses.” (Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors; Yoongu Kim, Ross Daly, Jeremie Kim, Chris Fallin, Ji Hye Lee, Donghyuk Lee, Chris Wilkerson, Konrad Lai, Onur Mutlu.) In other words, by repeatedly and quickly reading memory contents in DRAM Row 2, it may be possible to cause individual bits in Rows 1 or 3 to change from a 1 to a 0 or vice versa.

This was an interesting and concerning physical outcome, but it wasn’t until Google Project Zero researchers published a working exploit in 2015 that the risks became significant.

In the 2015 blog post, “Exploiting the DRAM rowhammer bug to gain kernel privileges”, Google security researchers explained that by using the rowhammer technique on two rows simultaneously (double-sided hammering), they were able to induce bit flips on a DRAM memory location between the two rows being read. Corrupting memory with electrical interference is a neat trick, but being able to change the memory bits to values of your choice is the start of a practical exploit, and the researchers demonstrated an ability to gain privilege escalation on Windows and Linux systems. With privilege escalation, it may be possible to execute any malicious code on the target system. There are mitigations available to reduce the risks from rowhammer, but they require changes to hardware and some result in increased power consumption and reduced performance. That is perhaps acceptable in desktop and server environments where security concerns override power consumption, but power is a prime concern in mobile devices, which were first shown to be vulnerable to rowhammer attacks in 2016.
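The following toy simulation is an added example, not code from this article or from the research it cites. It models the disturbance effect described above and compares single-sided with double-sided access patterns, which goes slightly beyond the text. The thresholds, the row numbers and the neighbour-refresh mitigation are constructed assumptions that stand in for real DRAM behaviour and for the hardware mitigations mentioned above.

```python
# Toy model of DRAM disturbance errors. All numbers are constructed for
# illustration; they are not measurements of any real DRAM module.
REFRESH_WINDOW = 1000   # row activations that fit between two regular refreshes (assumed)
FLIP_THRESHOLD = 600    # neighbour activations a row tolerates before a bit flips (assumed)


class ToyDram:
    def __init__(self, rows, neighbor_refresh_at=None):
        self.disturb = [0] * rows   # disturbance per row since its last refresh
        self.acts = [0] * rows      # activations per row, used by the mitigation
        self.flipped = set()        # rows that suffered at least one bit flip
        self.extra_refreshes = 0    # cost of the mitigation
        self.neighbor_refresh_at = neighbor_refresh_at
        self.ticks = 0

    def activate(self, row):
        """Read one row: it is recharged itself, its physical neighbours are disturbed."""
        self.disturb[row] = 0
        self.acts[row] += 1
        neighbours = [r for r in (row - 1, row + 1) if 0 <= r < len(self.disturb)]
        for n in neighbours:
            self.disturb[n] += 1
            if self.disturb[n] >= FLIP_THRESHOLD:
                self.flipped.add(n)
        # Mitigation: a heavily activated row triggers an early refresh of its neighbours.
        if self.neighbor_refresh_at and self.acts[row] >= self.neighbor_refresh_at:
            for n in neighbours:
                self.disturb[n] = 0
            self.extra_refreshes += len(neighbours)
            self.acts[row] = 0
        self.ticks += 1
        if self.ticks % REFRESH_WINDOW == 0:   # regular refresh of every row
            self.disturb = [0] * len(self.disturb)
            self.acts = [0] * len(self.acts)


def run(pattern, windows=3, neighbor_refresh_at=None, rows=16):
    """Replay an access pattern for several refresh windows; return (flipped rows, extra refreshes)."""
    dram = ToyDram(rows, neighbor_refresh_at)
    for i in range(windows * REFRESH_WINDOW):
        dram.activate(pattern[i % len(pattern)])
    return sorted(dram.flipped), dram.extra_refreshes


SINGLE_SIDED = [1, 8]   # one aggressor row plus a distant row in the same bank
DOUBLE_SIDED = [1, 3]   # both neighbours of victim row 2

if __name__ == "__main__":
    print("single-sided:", run(SINGLE_SIDED))
    print("double-sided:", run(DOUBLE_SIDED))
    print("double-sided with neighbour refresh:", run(DOUBLE_SIDED, neighbor_refresh_at=200))
```

In this model only the double-sided pattern pushes the victim row past the threshold within one refresh window, and the mitigation prevents the flip at the price of extra refresh operations, which is the power and performance cost the paragraph above refers to.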

Security researchers from VUSec in Amsterdam published a blog post in 2016 titled “Drammer: Flip Feng Shui Goes Mobile.” In this post, they described how a rowhammer attack could be used against mobile devices running Android OS to gain “root access” to the devices. The attack can be launched “by hiding it in a malicious app that requires no permissions.” Once the attacker has root access, they have full control of your mobile device and the information on that device. A patch for the Android kernel ION subsystem, which addresses the Drammer attack, was released in November of 2016. Unfortunately, Android environments still suffer from fragmentation and distribution challenges, so you can expect that many vulnerable devices have not yet received this patch. Of course, as we learned this week, even if you did receive the patch, you may still be vulnerable.

An international team of system security researchers published the paper “GuardION: Practical Mitigation of DMA-based Rowhammer Attacks on ARM”, which describes an evolution of the rowhammer attack into the attack they dub RAMPAGE. In the paper, RAMPAGE is described as “a set of DMA-based Rowhammer attacks against the latest Android OS, consisting of (1) a root exploit, and (2) a series of app-to-app exploit scenarios that bypass all defenses.” Acknowledging that the patch released in 2016 did address the “double-sided hammer” vulnerability, these researchers determined that, by combining an attack that consumes all ION internal memory pools with their Flip Feng Shui exploit, they were still able to gain root on the target Android device. As always, once the bad actors have root, they have access to everything on your phone.

Since the theoretical proposal in 2012, we have seen the same memory vulnerability exploited repeatedly with greater impact and relative ease. In the RAMpage researchers’ own words, “Over the last two years, the Rowhammer bug transformed from a hard-to-exploit DRAM disturbance error into a fully weaponized attack vector.” Being hardware-based, memory attacks like these are notoriously difficult to defend against. And if there is a viable defence, it usually increases costs or reduces performance, making it less likely to be deployed. We have to recognize that mobile devices are as capable as desktop computers and accept that they require similar protections, vulnerability management procedures and upgrades.

Do you consider your ability to patch and protect mobile systems when purchasing?

About the author:  Steve Biswanger has over 20 years experience in Information Security consulting and is a frequent speaker on ICS, IoT and Blockchain risk topics. He is currently Global CISO for the ATCO Group of companies.

Pierluigi Paganini

(Security Affairs – RAMPAGE, hacking)
