Google introduces a new security feature in the Linux kernel for Android devices. Thanks to this new function, it is expected to prevent code reuse attacks, so that attackers will not be able to execute a code exploiting vulnerabilities in the control flow. In this type of attacks, they usually benefit from memory errors, so that they can reuse the existing code and direct the flow of control at their choice.
Google introduces improvements in the security of the Android kernel
Android has several measures that prevent injecting code directly into the kernel. Therefore, these code reuse methods have become a popular option among hackers.
To increase security in the kernel, Google introduces a support to improve the Integrity of Control Flow (CFI in its acronym in English). In this way, thanks to this measure, it will be possible to detect if there are unusual behaviors by the attackers, who will seek to interfere with or modify the control flow of the nucleus. It is a security policy, which introduces additional controls in this regard.
In this way, if unusual behaviors are detected in Android applications, they will be automatically aborted, as a preventive measure in this regard. The Google Pixel 3 presented a few days ago is the first phone with this protection system in the kernel.
It has been confirmed that it is already added to the kernel versions of Android 4.14 and 4.9. Google already recommends manufacturers incorporate these security enhancements. So in these weeks will be expanding between the phones market.