Google Expands Android's Compiler-Based Mitigations

[silversurfer]

Content source

https://www.securityweek.com/google-expands-androids-compiler-based-mitigations

Google this week announced expanded compiler-based mitigations in Android P, in an attempt to make bugs harder to exploit and prevent specific types of issues from becoming vulnerabilities.

One of these is Control Flow Integrity (CFI), which represents a set of mitigations meant to “confine a program's control flow to a call graph of valid targets determined at compile-time.” Android already supports CFI implementation in select components, but the next platform release will expand that support, the search giant says.

“This implementation focuses on preventing control flow manipulation via indirect branches, such as function pointers and virtual functions,” Google explains.

[...] Google Expands Android's Compiler-Based Mitigations | SecurityWeek.Com