Google has announced plans to bolster the security of Android at the firmware level to counter a class of attacks that has become increasingly common over the last decade. The move is aimed at the exploitation of vulnerabilities in firmware running on secondary processors. Such vulnerabilities have been a recurring subject of CVEs, conference talks, and hackathons.
Firmware plays a crucial role in devices: it runs on the SoC (System on a Chip) inside the device and controls things like cellular communications, security modules, and media processing. However, many exploits target vulnerabilities in this firmware to deliver malicious payloads and inject code.
To address these vulnerabilities, Google plans to implement several security improvements, including compiler-based sanitizers to catch memory-safety bugs, control flow integrity (CFI), kernel control flow integrity, ShadowCallStack to protect return addresses from being overwritten, and stack canaries. They also plan to enable auto-initialized memory in the firmware.
These protections can prevent things like buffer overflows, use-after-free (UAF) bugs, and leaks of memory contents. According to Google, the impact on performance and stability will be minimal.
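To make the bug class behind these mitigations concrete, here is an added example (not Google's or the Android project's code) of a firmware-style message parser in C: an unchecked length-prefixed copy of the kind that bounds sanitizers and stack canaries are meant to catch, beside a checked version that also zero-fills its output the way auto-initialized memory would. The wire format, `PAYLOAD_MAX`, and all function names are assumptions made for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define PAYLOAD_MAX 16

/* Constructed wire format for the example: [len:1][payload:len bytes]. */
struct parsed_msg {
    uint8_t len;
    uint8_t payload[PAYLOAD_MAX];
};

/* Unchecked variant: the bug class the mitigations above target. It trusts
 * the peer-controlled length byte, so a long message writes past
 * `out->payload`. A bounds sanitizer traps the out-of-range index, and a
 * stack canary may abort on return when `out` lives on the caller's stack;
 * neither replaces the missing check. Shown only to illustrate the bug. */
int parse_unchecked(const uint8_t *in, size_t in_len, struct parsed_msg *out) {
    if (in_len < 1) return -1;
    out->len = in[0];
    for (size_t i = 0; i < out->len; i++)
        out->payload[i] = in[1 + i];   /* no check against PAYLOAD_MAX or in_len */
    return 0;
}

/* Checked variant: validates the declared length against both the buffer
 * capacity and the bytes actually received, and zero-fills the struct first
 * (what auto-initialized memory provides at the compiler level) so a short
 * copy never leaves stale stack contents that a later read could leak. */
int parse_checked(const uint8_t *in, size_t in_len, struct parsed_msg *out) {
    memset(out, 0, sizeof(*out));
    if (in_len < 1) return -1;
    uint8_t declared = in[0];
    if (declared > PAYLOAD_MAX) return -2;         /* would overflow payload */
    if ((size_t)declared + 1 > in_len) return -3;  /* would over-read input */
    out->len = declared;
    memcpy(out->payload, in + 1, declared);
    return 0;
}

/* Constructed sample inputs. */
static const uint8_t good_msg[]      = { 4, 'a', 'b', 'c', 'd' };
static const uint8_t oversized_msg[] = { 200, 'x', 'y' };  /* len > capacity */
static const uint8_t truncated_msg[] = { 8, 'x', 'y' };    /* len > received */

/* Runs the checked parser over the samples; returns 1 if each case behaves. */
int demo(void) {
    struct parsed_msg m;
    if (parse_checked(good_msg, sizeof good_msg, &m) != 0 || m.len != 4) return 0;
    if (parse_checked(oversized_msg, sizeof oversized_msg, &m) != -2) return 0;
    if (parse_checked(truncated_msg, sizeof truncated_msg, &m) != -3) return 0;
    return 1;
}
```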
By focusing on improving firmware security, Google hopes to prevent attacks that exploit vulnerabilities in firmware running on secondary processors. These attacks have become increasingly common, making it essential to develop effective security measures to protect users' data and privacy.
While these security improvements will enhance the overall security of Android devices, it is important to note that they will not be a panacea. Cybercriminals are constantly evolving their tactics and techniques, and it is crucial to remain vigilant and stay up-to-date with the latest security measures to stay protected.