Google introduces improvements to android kernel security

Google introduces a new security feature in the Linux kernel for Android devices. Thanks to this new function, it is expected to be able to prevent code reuse attacks, so that attackers will not be able to execute code by exploiting vulnerabilities in the control flow. In these types of attacks, they often benefit from memory errors, so they can reuse existing code and direct the flow of control of their choice.

Google introduces improvements to Android kernel security

Android has various measures that prevent code from being directly injected into the kernel. This is why these code reuse methods have become a very popular choice among hackers.

Android security

To increase kernel security, Google introduces a support to improve Control Flow Integrity (CFI). In this way, thanks to this measure, it will be possible to detect if there are unusual behaviors by the attackers, who will seek to interfere with or modify said core control flow. It is a security policy, which introduces additional controls in this regard.

In this way, if unusual behaviors are detected in Android applications, they will be aborted automatically, as a preventive measure in this regard. The Google Pixel 3 presented a few days ago is the first phone with this protection system in the kernel.

It has been confirmed that it is already added to Android kernel versions 4.14 and 4.9. Google already recommends manufacturers to incorporate these security improvements. So in these weeks they will be expanding among the phones on the market.

The Hacker News Font