Google is emphasizing how Clang sanitizers help to strengthen the security of the Android operating system's cellular baseband and guard against particular types of vulnerabilities.
These include the Integer Overflow Sanitizer (IntSan) and BoundsSanitizer (BoundSan), which are components of UndefinedBehaviorSanitizer (UBSan), a tool created to identify and eliminate different types of undefined behavior that may arise while a program is running.
Researchers Ivan Lozano and Roger Piqueras Jover said in a post on Tuesday that the sanitizers are architecture-agnostic, suitable for bare-metal deployment, and should be enabled in current C/C++ code bases to mitigate unknown vulnerabilities.
It is noteworthy that the tech giant is collaborating with ecosystem partners to strengthen the security of firmware that interfaces with Android and to impede threat actors' ability to execute code remotely through the Wi-Fi SoC or cellular baseband.
Google has activated two compiler-based sanitizers, IntSan and BoundSan, to identify arithmetic overflows and check bounds around array accesses, respectively, as an exploit mitigation measure.
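The two bug classes these sanitizers target can be shown in a few lines of C. The following is an added example, not code from Google or from any baseband firmware; the message fields, constants and function names are hypothetical. It writes out by hand the kind of checks that a Clang build with the sanitizers enabled inserts automatically.

```c
/* Added illustration, not Google's code. The message fields and all names are
 * hypothetical. The functions below spell out by hand the checks a Clang build
 * inserts with:
 *   -fsanitize=signed-integer-overflow,unsigned-integer-overflow,bounds */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define HDR_LEN     4u
#define MAX_BEARERS 8u

static uint8_t bearer_state[MAX_BEARERS];

/* Unsanitized length math: unsigned arithmetic wraps silently, so a hostile
 * record count yields a small "needed" size for a huge claimed payload. */
uint32_t needed_len_unchecked(uint32_t count, uint32_t rec_size)
{
    return count * rec_size + HDR_LEN;
}

/* IntSan-style check: each multiply and add is tested for overflow, and the
 * caller rejects the message instead of using a wrapped value. */
bool needed_len_checked(uint32_t count, uint32_t rec_size, uint32_t *out)
{
    uint32_t body;
    if (__builtin_mul_overflow(count, rec_size, &body))
        return false;
    return !__builtin_add_overflow(body, HDR_LEN, out);
}

/* BoundSan-style check: the index is compared with the array's declared size
 * before the write; a sanitized build reports or aborts where this returns false. */
bool set_bearer_state(uint32_t idx, uint8_t state)
{
    if (idx >= MAX_BEARERS)
        return false;
    bearer_state[idx] = state;
    return true;
}

int main(void)
{
    uint32_t len = 0;
    /* Constructed hostile input: 0x10000001 records of 16 bytes each. */
    printf("unchecked: %u\n", (unsigned)needed_len_unchecked(0x10000001u, 16u));
    printf("checked ok: %d\n", needed_len_checked(0x10000001u, 16u, &len));
    printf("index 8 accepted: %d\n", set_bearer_state(8u, 1));
    return 0;
}
```

The unchecked length for the constructed input wraps to 20 bytes, which is the value a later allocation or copy would trust; the checked variants reject the same input.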
Google acknowledged that BoundSan and IntSan carry a large performance overhead, and said it has already enabled them on attack surfaces that are vital to security before implementing them throughout the entire codebase.
Note that while using sanitizers may have "tangible" benefits, they do not address memory safety vulnerabilities or other classes of vulnerabilities, which calls for moving the codebase to a memory-safe language like Rust.
Google said in early October 2023 that it had rewritten the protected VM (pVM) firmware for the Android Virtualization Framework (AVF) in Rust to give the pVM root of trust a memory-safe base.














