Google shared information this week about how it tackles memory bugs in Android 11, along with other security enhancements the new version of the operating system will offer.
Android 11, the 18th version of the mobile operating system, is expected to launch in the third quarter of the year, but has been available to developers since the beginning of 2020.
One of the main improvements in the new iteration of the operating system concerns memory initialization, which is expected to eliminate a whole class of problems that occur in C/C++: uninitialized memory bugs.
These vulnerabilities typically occur when memory is used before a known safe value has been written to it. The variable therefore holds whatever value was stored there previously, and attackers may be able to predict and even monitor that value, Google explains.
This can result in information disclosure, such as an ASLR (Address Space Layout Randomization) bypass, or in control-flow hijacks using stack or heap spraying.
“If uninitialized memory results in a mistake, identifying the source of the error is often challenging, particularly if it is rarely triggered. Eliminating a whole class of these bugs is much more successful than individually hunting them down,” says Google.
The solution is automatic stack variable initialization, which initializes local variables either with zeros or with a pattern: zero initialization is safer for strings, references, indexes, and sizes, while pattern initialization is usually safer for return values.
With automatic stack and heap initialization integrated into the upstream Linux kernel, Android also benefits from these features, so attackers can no longer manipulate uninitialized local variables and heap memory.
Because the overhead is low, both stability and security improve, says Google.
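As an added illustration (not code from Google or the Android project), the constructed C program below shows the bug class the article describes: a buffer that is written only on the success path hands the caller whatever an earlier call left in the stack frame, next to the same function with its local zero-initialised by hand, which is what Clang's -ftrivial-auto-var-init=zero does for every local automatically. The function and token names are invented.

```c
#include <stdio.h>
#include <string.h>

/* Constructed example: an earlier call leaves a "secret" in its stack frame. */
static void __attribute__((noinline)) leave_secret_on_stack(void) {
    volatile char scratch[32];
    const char *token = "S3CR3T-TOKEN-FROM-EARLIER-CALL!";   /* 31 chars + NUL */
    for (int i = 0; i < 32; i++) scratch[i] = token[i];
}                                   /* returns without clearing scratch */
/* Out-of-line copy so the compiler cannot optimise away the stale read. */
static void __attribute__((noinline)) copy32(char *dst, const char *src) {
    memcpy(dst, src, 32);
}

/* Vulnerable pattern: buf is written only on the success path, yet the caller
   always receives its contents. On the error path it holds whatever the previous
   frame left behind (undefined behaviour; what leaks depends on compiler/flags). */
static int __attribute__((noinline)) fill_unsafe(char out[32], int ok) {
    char buf[32];                              /* NOT initialised */
    if (ok) memcpy(buf, "expected-value", 15);
    copy32(out, buf);                          /* stale bytes escape when !ok */
    return ok ? 0 : -1;
}

/* Hardened pattern: what -ftrivial-auto-var-init=zero does for every local,
   written by hand so the result does not depend on a compiler flag. Pattern
   mode fills a fixed non-zero byte pattern instead, so a stray use fails loudly. */
static int fill_safe(char out[32], int ok) {
    char buf[32] = {0};
    if (ok) memcpy(buf, "expected-value", 15);
    copy32(out, buf);
    return ok ? 0 : -1;
}

/* Returns 1 if the hardened error path hands back only zero bytes. */
int safe_error_path_is_clean(void) {
    char out[32];
    if (fill_safe(out, 0) != -1) return 0;
    for (int i = 0; i < 32; i++) if (out[i] != 0) return 0;
    return 1;
}

int main(void) {
    char out[32];
    leave_secret_on_stack();
    fill_unsafe(out, 0);
    printf("unsafe error path returned: \"%.31s\"\n", out); /* may echo the token */
    printf("hardened error path clean: %d\n", safe_error_path_is_clean());
    return 0;
}
```

Whether the unsafe path actually echoes the token depends on how the compiler lays out the two frames; the hardened path returns zeros regardless.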
With Android 11, Google is also making Scudo the default native allocator.
While it does not fully prevent abuse, Scudo can help detect and mitigate heap memory corruption bugs such as double free, arbitrary free, heap-based buffer overflow, and use-after-free bugs.
“It also proactively organizes the heap in a way that makes memory manipulation more difficult, by reducing the predictability of allocation patterns and separating allocations by size,” says the tech giant.
Also included in the upcoming Android version is GWP-ASan, a tool for identifying heap memory safety bugs in production, which is integrated into Scudo, as well as kernel support for HWASAN (also known as KernelAddressSANitizer).
In addition, Google has expanded the use of compiler mitigations, namely CFI (Control Flow Integrity), to prevent vulnerabilities and harden the NFC stack.