Google Hardens Android Kernel
October 11, 2018 / Ionut Arghire
Google this week revealed that Android’s kernel is becoming more resilient to code reuse attacks, courtesy of implemented support for LLVM’s Control Flow Integrity (CFI). CFI support, Google says, was added to Android kernel versions 4.9 and 4.14 and the feature is available to all device vendors. However, Google Pixel 3, which was launched earlier this week, is the first device to take advantage of the new security mitigations. One of the manners in which attackers achieve code execution even without injecting executable code of their own, Google reveals, is by abusing kernel bugs to overwrite a function pointer stored in memory. The method is popular with the kernel given the large number of function pointers the latter uses and the protections that make code injection difficult.