The principal goal of Android security is the secure containment of application privileges.
And the foundation of this isolation is the security of the kernel. Until recently, Android security research has not focused on platform-specific kernel modifications, and the majority of public Android kernel exploits were based on upstream CVEs. But in the past year, we have seen an increased interest from researchers in Android kernel security, particularly in the area of memory corruption exploitation.
Qualcomm, with our processors at the heart of a dominant share of
Android devices, is at the centre of this surge of interest. This
presentation will describe the Qualcomm Product Security Team’s incident
response work in this area. We will provide an insight into the scope of
the platform-specific attack surface, present tools we have developed for
rapid exploit reverse engineering and automated vulnerability finding, and
describe kernel hardening countermeasures that we have introduced.