Date: Dec 13, 2023
Tags: Mobile Communication / Firmware security
Google has emphasized the significance of Clang sanitizers in strengthening the security of the cellular baseband in the Android operating system, thus preventing specific types of vulnerabilities. These include IntSan and BoundSan, both part of the UndefinedBehaviorSanitizer (UBSan) tool designed to identify various undefined behaviors during program execution.
It was reported that these sanitizers can be applied to existing C/C++ code bases to address potential vulnerabilities. Google has deployed IntSan and BoundSan as exploit mitigations: IntSan detects arithmetic overflows and BoundSan performs bounds checks around array accesses. They have been enabled on security-critical attack surfaces such as functions parsing messages delivered over the air in 2G, 3G, 4G, and 5G, libraries encoding/decoding complex formats, the IMS, TCP, and IP stacks, and messaging functions.
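As an added illustration of the two defect classes these sanitizers target (this is not code from Google's baseband or from the article), here is a toy over-the-air message parser in its unchecked and hardened forms. The wire format, the `parse_unchecked` and `parse_checked` functions, and the sample messages are all constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed toy over-the-air format (an assumption, not a real 3GPP layout):
 * byte 0 = element count; each element is [1-byte tag][4-byte LE length][value]. */
#define MAX_ELEMS 4
#define SLOT_SIZE 8
#define HDR 5
typedef struct { uint8_t tag[MAX_ELEMS]; uint8_t value[MAX_ELEMS][SLOT_SIZE]; } parsed_t;
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
/* Legacy-style parser that trusts the count and length fields from the radio.
 * Built with -fsanitize=integer, IntSan aborts when `end` wraps (the wrap would
 * otherwise defeat the size check); built with -fsanitize=bounds, BoundSan aborts
 * at out->tag[i] once i reaches MAX_ELEMS instead of writing past the struct. */
int parse_unchecked(const uint8_t *msg, size_t msg_len, parsed_t *out) {
    uint8_t n = msg[0];
    uint32_t off = 1;
    for (uint8_t i = 0; i < n; i++) {
        uint32_t len = rd32(&msg[off + 1]);
        uint32_t end = off + HDR + len;               /* IntSan: unsigned overflow */
        if (end > msg_len) return -1;                 /* bypassed once `end` wrapped */
        out->tag[i] = msg[off];                       /* BoundSan: i >= MAX_ELEMS */
        memcpy(out->value[i], &msg[off + HDR], len);  /* len > SLOT_SIZE overruns */
        off = end;
    }
    return n;
}
/* Hardened parser: every untrusted count and length is validated before use, and
 * the remaining-bytes arithmetic is arranged so that it cannot overflow. */
int parse_checked(const uint8_t *msg, size_t msg_len, parsed_t *out) {
    if (msg_len < 1 || msg[0] > MAX_ELEMS) return -1;
    size_t off = 1;
    for (uint8_t i = 0; i < msg[0]; i++) {
        if (msg_len - off < HDR) return -1;           /* tag + length field present? */
        uint32_t len = rd32(&msg[off + 1]);
        if (len > SLOT_SIZE || len > msg_len - off - HDR) return -1;
        out->tag[i] = msg[off];
        memcpy(out->value[i], &msg[off + HDR], len);
        off += HDR + len;
    }
    return msg[0];
}
/* Constructed samples: a valid two-element message, and one whose length field
 * makes `off + HDR + len` wrap to 1 and slip past the unchecked size test. */
const uint8_t GOOD_MSG[] = {2, 0x01, 3,0,0,0, 'a','b','c', 0x02, 1,0,0,0, 'z'};
const uint8_t WRAP_MSG[] = {1, 0x01, 0xFB,0xFF,0xFF,0xFF};
```

Only `parse_checked` should ever see `WRAP_MSG`; the unchecked parser is shown so the sanitizer trap points can be read against the explicit checks in the hardened version.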
While deploying the sanitizers has brought significant benefits, it does not address other classes of memory-safety vulnerabilities, thereby making a transition of the codebase to a memory-safe language like Rust necessary. Google has already transitioned the Android Virtualization Framework's (AVF) protected VM (pVM) firmware to Rust to provide a memory-safe foundation.
The researchers stated that employing modern toolchains and exploit mitigation technologies in the baseband can effectively raise the bar for attacking the Android operating system.