Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities
Dec 13, 2023
Mobile Communication / Firmware security
 Google is highlighting the role played by  Clang sanitizers  in hardening the security of the cellular baseband in the  Android operating system  and preventing specific kinds of vulnerabilities.  This comprises Integer Overflow Sanitizer (IntSan) and BoundsSanitizer (BoundSan), both of which are part of UndefinedBehaviorSanitizer ( UBSan ), a tool designed to catch various kinds of undefined behavior during program execution.  "They are architecture agnostic, suitable for bare-metal deployment, and should be enabled in existing C/C++ code bases to mitigate unknown vulnerabilities," Ivan Lozano and Roger Piqueras Jover  said  in a Tuesday post.   The development comes months after the tech giant said it's  working with ecosystem partners  to increase the  security of firmware  that interacts with Android, thereby making it difficult for threat actors to achieve remote code execution within the Wi-Fi SoC or the cellular baseband.  IntSan...