Google Uses Clang Sanitizers To Protect Android Against Cellular Baseband Vulnerabilities

December 13, 2023NewsroomMobile Communication Security / Firmware

Clan Sanitizers

Google highlights the role played by Clang sanitizer to tighten the security of the cellular baseband of Android operating system and prevention of certain types of vulnerabilities.

It contains the Integer Overflow Sanitizer (IntSan) and BoundsSanitizer (BoundSan), both of which are part of the UndefinedBehaviorSanitizer (downsized), a tool designed to capture various types of undefined behavior during program execution.

“They are architecture agnostic, suitable for bare-metal deployment, and should enable existing C/C++ code bases to reduce unknown vulnerabilities,” Ivan Lozano and Roger Piqueras Jover SAYS in a Tuesday post.


Cook AI-Powered Threats with Zero Trust – Webinar for Security Professionals

Traditional security measures just won’t cut it in today’s world. It’s time for Zero Trust Security. Secure your data like never before.

Join now

The development comes months after the tech giant said it was working with ecosystem partners to increase the firmware security which interacts with Android, thereby making it difficult for threat actors to achieve remote code execution within the Wi-Fi SoC or the cellular baseband.

IntSan and BoundSan are two of the compiler-based sanitizers enabled by Google as an exploit mitigation measure to detect arithmetic overflow and perform bound checks around array accesses, respectively.

Google acknowledges that while BoundSan and IntSan have large performance overhead, this enables critical security attack surfaces ahead of a full rollout across the entire codebase. It consists of –

  • Functions for parsing messages delivered over the air in 2G, 3G, 4G, and 5G
  • Libraries to encode/decode complex formats (eg, ASN.1, XML, DNS, etc.)
  • IMS, TCP, and IP stacks, and
  • Messaging functions (SMS, MMS)

“In the particular case of 2G, the best strategy is to disable the stack completely by supporting Android’s ‘2G toggle,'” the researchers said. “However, 2G is still a necessary mobile access technology in some parts of the world and some users must have this legacy protocol.”


It is worth noting that the “tangible” benefits that come from the deployment of sanitizers notwithstanding, they do not address other types of vulnerabilities, such as those related to memory safety, which require a transfer of codebase in a memory-safe language like Rust.

In early October 2023, Google Office has partnered that it rewrites the Android Virtualization Framework’s (AVF) protected VM (pVM) firmware in Rust to provide a secure memory foundation for the pVM root of trust.

“As the high-level operating system becomes a more difficult target for attackers to successfully exploit, we expect that low-level components such as the baseband will attract more attention,” the researchers concluded.

“By using modern toolchains and deploying exploit mitigation technologies, the baseband attack bar can also be raised.”

Did you find this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Leave a comment