silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,005
Google this week announced expanded compiler-based mitigations in Android P, in an attempt to make bugs harder to exploit and prevent specific types of issues from becoming vulnerabilities.
One of these is Control Flow Integrity (CFI), which represents a set of mitigations meant to “confine a program's control flow to a call graph of valid targets determined at compile-time.” Android already supports CFI implementation in select components, but the next platform release will expand that support, the search giant says.
“This implementation focuses on preventing control flow manipulation via indirect branches, such as function pointers and virtual functions,” Google explains.
[...] Google Expands Android's Compiler-Based Mitigations | SecurityWeek.Com