{"id":5220,"date":"2018-07-03T14:04:38","date_gmt":"2018-07-03T14:04:38","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/29106\/New-RAMpage-Exploit-Revives-Rowhammer-Attack-To-Root-Android-Devices.html"},"modified":"2018-07-03T14:04:38","modified_gmt":"2018-07-03T14:04:38","slug":"new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\/","title":{"rendered":"New RAMpage Exploit Revives Rowhammer Attack To Root Android Devices"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2015\/09\/android-security-640x461.jpg\"\/><\/p>\n<aside id=\"social-left\"><a title=\"40 posters participating\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2018\/07\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\/?comments=1\"><span class=\"comment-count-before\">reader comments<\/span> <span class=\"comment-count-number\">63<\/span><\/a><\/p>\n<div class=\"share-links\"><span>Share this story<\/span> <\/div>\n<\/aside>\n<p>In late 2016, Google\u2019s security team scrambled to fix a critical vulnerability that allowed attackers to gain unfettered root access to Android devices by using a relatively new class of exploit that manipulates data stored in memory chips. Now, 21 months later, many of the same researchers behind the <a href=\"https:\/\/arstechnica.com\/information-technology\/2016\/10\/using-rowhammer-bitflips-to-root-android-phones-is-now-a-thing\/\">attack, dubbed Drammer<\/a>, are back to say that a large number of Android phones and tablets remain vulnerable to the rooting attacks because the patches Google deployed weren\u2019t adequate.<\/p>\n<aside class=\"pullbox sidebar story-sidebar right\">\n<\/aside>\n<p>Both Drammer and the newly disclosed RAMpage attacks exploit Rowhammer, a class of exploit that alters data stored in memory chips by repeatedly accessing the internal rows where individual bits are stored. By \u201chammering\u201d the rows thousands of times a second, the technique causes the bits to flip, meaning 0s are changed to 1s and vice versa.<\/p>\n<p>The <a href=\"https:\/\/arstechnica.com\/information-technology\/2015\/03\/cutting-edge-hack-gives-super-user-status-by-exploiting-dram-weakness\/\">original Rowhammer attack against PCs<\/a> made it possible for an untrusted computer application to gain nearly unfettered system privileges or to bypass security sandboxes designed to keep malicious code from accessing sensitive operating system resources. A later variation allowed <a href=\"https:\/\/arstechnica.com\/information-technology\/2015\/08\/dram-bitflipping-exploit-for-attacking-pcs-just-add-javascript\/\">JavaScript hosted on websites to effect the same security-sensitive bitflips<\/a>.<\/p>\n<aside class=\"pullbox sidebar story-sidebar right\">\n<\/aside>\n<p>The Android-based Drammer exploit demonstrated that Rowhammer attacks could have far-reaching effects on a much wider range of devices than was previously assumed, including those running ARM chips. The exploit opened the possibility that apps posing as legitimate wares could surreptitiously root devices and, in the process, neuter key security defenses built into Android that prevent one app from accessing passwords or other sensitive data belonging to the operating system or other apps that run on it.<\/p>\n<p>In the months following the Drammer disclosure, Google mitigated the damage that malicious apps could do by <a href=\"https:\/\/source.android.com\/security\/bulletin\/2016-11-01#eop-in-kernel-ion-subsystem\">making changes to Android\u2019s ION memory manager<\/a>, which restricted access to physical contiguous kernel memory.<\/p>\n<h2>Not good enough<\/h2>\n<p>\u201cWith RAMpage, we show that the deployed software patches are not good enough,\u201d Victor van der Veen, a Vrije Universiteit Amsterdam professor who helped devise both Drammer and RAMpage exploits, wrote in an email. \u201cTaking the disabled contiguous heap as an example again, we found that you can still obtain physically contiguous memory by playing with the allocator. By allocating and releasing memory chunks, we can \u2018defragment\u2019 physical memory, freeing up large holes. If we then allocate a large chunk, chances of getting contiguous memory increase, and we can confirm this by using existing side channels.\u201d<\/p>\n<p>In a <a href=\"http:\/\/rampageattack.com\/\">blog post published last Wednesday<\/a>, Van der Veen and his colleagues said that \u201cevery [Android-based] mobile device that is shipped with LPDDR2, LPDDR3, or LPDDR4 memory is potentially affected [by RAMpage], which is effectively every mobile phone since 2012.\u201d In an email, he said that he and his colleagues have successfully achieved bit flips on Nexus 5 devices shipped with LPDDR3, a Nexus 4 with LPDDR2, and a Google Pixel 1 with LPDDR4, but they have not done it consistently.<\/p>\n<p>\u201cThis is why we state that every mobile device with LPDDR2, LPDDR3, or LPDDR4 is potentially affected: we have seen flips on devices shipped with all these types of memory, but we have also seen devices without any bit flips,\u201d van der Veen explained in the email. \u201cAn example is the Google Pixel: of the three devices that we bought, we could only flip bits on two of them.\u201d<\/p>\n<p>People who want to test if their device is vulnerable can download <a href=\"https:\/\/vvdveen.com\/drammer.apk\">this test app<\/a>. It requires default Android settings to be changed to allow \u201csideloading\u201d from non-Google Play sources. The RAMpage bug has been indexed as <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2018-9442\">CVE-2018-9442<\/a>.<\/p>\n<p>In a <a href=\"https:\/\/vvdveen.com\/publications\/dimva2018.pdf\">research paper<\/a> accompanying Wednesday\u2019s post, the researchers introduced a mitigation they dubbed GuardION, which they describe as a practical and lightweight defense against RAMpage and most other Android-based Rowhammer attacks. The researchers said Google engineers have yet to implement it because they \u201cconcluded that GuardION results in more \u2018performance overhead\u2019 on real-world apps than we report in our paper.\u201d The researchers say they\u2019re working with Google to find ways to reduce the performance costs GuardION has on real-world apps.<\/p>\n<h2>Large-scale exploits unlikely<\/h2>\n<p>Van der Veen also said the difficulty of exploiting RAMpage made it unlikely attackers would publish apps in Google Play or other markets that could successfully root large numbers of vulnerable devices. One complication: depending on the model, row sizes may be 32KB, 64KB, 128KB, or possibly other sizes. The variations change how targeted rows must be hammered. Another factor complicating large-scale exploitation are the subtle differences in the way each manufacturer implements ION. Still, the researcher said he believed RAMpage might be exploited in attacks that target a single individual or organization.<\/p>\n<p>In a statement, Google officials wrote:<\/p>\n<blockquote>\n<p>We have worked closely with the team from Vrije Universiteit, and though this vulnerability isn\u2019t a practical concern for the overwhelming majority of users, we appreciate any effort to protect them and advance the field of security research. While we recognize the theoretical proof of concept from the researchers, we are not aware of any exploit against Android devices.<\/p>\n<\/blockquote>\n<p>A Google spokesman also said that many newer devices contain memory with Rowhammer-specific protections. The spokesman also said that the researchers\u2019 proof-of-concept exploit doesn\u2019t work on any currently supported Google Android devices.<\/p>\n<p>While RAMpage probably doesn&#8217;t represent a practical threat to most Android users, it&#8217;s worth remembering the old adage that \u201c<a href=\"https:\/\/www.schneier.com\/blog\/archives\/2011\/08\/new_attack_on_a_1.html\">attacks always get better [and] never get worse<\/a>.\u201d The vulnerability is also the latest reminder of the imperative that memory chip manufacturers devise a comprehensive defense against Rowhammer.<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/29106\/New-RAMpage-Exploit-Revives-Rowhammer-Attack-To-Root-Android-Devices.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":5221,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[1743],"class_list":["post-5220","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinelinuxphoneflawgoogle"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>New RAMpage Exploit Revives Rowhammer Attack To Root Android Devices 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"New RAMpage Exploit Revives Rowhammer Attack To Root Android Devices 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-07-03T14:04:38+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/07\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"461\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"New RAMpage Exploit Revives Rowhammer Attack To Root Android Devices\",\"datePublished\":\"2018-07-03T14:04:38+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\\\/\"},\"wordCount\":925,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/07\\\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices.jpg\",\"keywords\":[\"headline,linux,phone,flaw,google\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\\\/\",\"name\":\"New RAMpage Exploit Revives Rowhammer Attack To Root Android Devices 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/07\\\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices.jpg\",\"datePublished\":\"2018-07-03T14:04:38+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/07\\\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/07\\\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices.jpg\",\"width\":640,\"height\":461},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,linux,phone,flaw,google\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinelinuxphoneflawgoogle\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"New RAMpage Exploit Revives Rowhammer Attack To Root Android Devices\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"New RAMpage Exploit Revives Rowhammer Attack To Root Android Devices 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\/","og_locale":"en_US","og_type":"article","og_title":"New RAMpage Exploit Revives Rowhammer Attack To Root Android Devices 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-07-03T14:04:38+00:00","og_image":[{"width":640,"height":461,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/07\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"New RAMpage Exploit Revives Rowhammer Attack To Root Android Devices","datePublished":"2018-07-03T14:04:38+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\/"},"wordCount":925,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/07\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices.jpg","keywords":["headline,linux,phone,flaw,google"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\/","url":"https:\/\/www.threatshub.org\/blog\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\/","name":"New RAMpage Exploit Revives Rowhammer Attack To Root Android Devices 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/07\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices.jpg","datePublished":"2018-07-03T14:04:38+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/07\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/07\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices.jpg","width":640,"height":461},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/new-rampage-exploit-revives-rowhammer-attack-to-root-android-devices\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,linux,phone,flaw,google","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinelinuxphoneflawgoogle\/"},{"@type":"ListItem","position":3,"name":"New RAMpage Exploit Revives Rowhammer Attack To Root Android Devices"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/5220","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=5220"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/5220\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/5221"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=5220"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=5220"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=5220"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}