Google has taken steps to strengthen the protection of the Android operating system, with a focus on the security of mobile communications and the prevention of vulnerabilities. To achieve this, Google is using Clang's sanitizers, specifically the Integer Overflow Sanitizer (IntSan) and BoundsSanitizer (BoundSan), which are part of UndefinedBehaviorSanitizer (UBSan). These tools are designed to detect various kinds of undefined behavior during program execution.
In its blog, Google stated that these tools are not architecture-dependent and are suitable for bare-metal software. It recommends enabling them in existing C/C++ code bases to eliminate unknown vulnerabilities.
This development is part of Google's strategy to increase the security of firmware that interacts with Android, which it began a few months ago by collaborating with ecosystem partners. As a result, it is now more difficult for attackers to achieve remote code execution in the Wi-Fi SoC or the cellular baseband.
IntSan and BoundSan are compiler-based sanitizers that Google has deployed as an exploit mitigation. They detect arithmetic overflow and perform bounds checking on array accesses.
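As an added illustration (not code from Google or from the original article), the C sketch below shows the two bug classes these sanitizers catch in a message parser: a wrapping offset-plus-length check, which IntSan flags, and an array index, which BoundSan instruments, each beside the equivalent hand-written check. The record layout, `MAX_IE` and all function names are constructed for the example.

```c
/* Constructed example. Build with both sanitizers in trapping mode, which needs
 * no runtime library (useful on bare metal):
 *   clang -O2 -fsanitize=unsigned-integer-overflow,signed-integer-overflow,bounds \
 *         -fsanitize-trap=all ie_parser.c                                        */
#include <stddef.h>
#include <stdint.h>

#define MAX_IE 8                 /* hypothetical number of known element ids */
static uint8_t ie_seen[MAX_IE];

/* Unchecked range test: off + len wraps modulo 2^32, so a huge offset passes.
 * IntSan flags the wrapping addition at run time. */
int range_ok_unchecked(uint32_t off, uint32_t len, uint32_t msg_len)
{
    return off + len <= msg_len;
}

/* Same test written so that no intermediate value can wrap. */
int range_ok_checked(uint32_t off, uint32_t len, uint32_t msg_len)
{
    return off <= msg_len && len <= msg_len - off;
}

/* BoundSan instruments the indexing of ie_seen[]; this is that check by hand. */
int mark_ie(uint8_t id)
{
    if (id >= MAX_IE)
        return -1;
    ie_seen[id] = 1;
    return 0;
}

/* Walk records of the form [id:1][len:2, big endian][value:len].
 * Returns the number of elements accepted, or -1 on a malformed message. */
int parse_msg(const uint8_t *msg, uint32_t msg_len)
{
    uint32_t off = 0;
    int count = 0;
    while (off < msg_len) {
        if (!range_ok_checked(off, 3, msg_len))
            return -1;                       /* truncated header */
        uint8_t id = msg[off];
        uint32_t len = ((uint32_t)msg[off + 1] << 8) | msg[off + 2];
        off += 3;
        if (!range_ok_checked(off, len, msg_len) || mark_ie(id) != 0)
            return -1;                       /* value overruns buffer, or bad id */
        off += len;
        count++;
    }
    return count;
}
```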
Despite the performance overhead of BoundSan and IntSan, Google has enabled them in the most critical attack surfaces before fully deploying them throughout the code base.
The components being hardened include:
- Functions that parse messages delivered over the air in 2G, 3G, 4G, and 5G networks
- Libraries for encoding/decoding complex formats (e.g., ASN.1, XML, DNS)
- IMS, TCP, and IP
- Message exchange functions (SMS, MMS)
It is worth mentioning that researchers suggest disabling the 2G standard completely using the “2G Toggle” function in Android, as this is considered the best strategy. However, in certain regions of the world, 2G is still necessary for mobile access.
While the introduction of sanitizers offers advantages, it does not address other vulnerabilities related to memory safety. Therefore, Android plans to transition the code base to a memory-safe programming language. In early October 2023, Google announced that it had rewritten the firmware of the protected virtual machine (pVM) in the Android Virtualization Framework (AVF) using Rust, providing a secure foundation for the pVM.
Researchers emphasize that as the high-level operating system becomes a more challenging target for attacks, low-level components such as the baseband module will attract more attention. By using modern tools