Android Memory Safety Breakthrough: Rust Drops Vulnerability Share Below 20%

The Android team has summed up the year by describing how the transition to memory-safe languages is reshaping the entire platform. Engineers note that the strategic focus on preventing vulnerabilities in newly written code is paying off: for the first time, the share of memory-safety defects has fallen below 20 percent. This shift is reflected across the entire Android ecosystem — from system components to applications and firmware.

The team emphasizes that Rust has become the pivotal instrument behind this progress, reducing the density of such defects by orders of magnitude compared with C and C++. Its influence, however, extends far beyond security alone: Rust-based updates require fewer rollbacks, move through code review more quickly, and are far less likely to trigger failures in other parts of the system. According to the developers, changes implemented in Rust pass review about a quarter faster, while the likelihood of reverting to an earlier version drops fourfold.

Rust’s expansion now touches an ever-growing range of subsystems. Android 6.12 introduces full kernel-level support for Rust along with its first operational driver. This shift is especially important for firmware: their elevated privileges make them inherently vulnerable, and rewriting such modules in a safe language substantially reduces the risk of catastrophic failures. Rust support is also being integrated into applications — for example, in Bluetooth device-discovery mechanisms, secure RCS messaging protocols, and data handlers within Chromium.

The team also described a nearly-missed vulnerability — a buffer overflow in the CrabbyAVIF library. The flaw never made it into release builds thanks to Android’s Scudo memory allocator, which isolated the fault and turned it into a detectable crash. The incident prompted improvements in diagnostic tooling and accelerated work on a training course devoted to the safe handling of Rust’s unsafe constructs.

Analysis shows that even when accounting for code inside unsafe blocks, the overall risk level remains orders of magnitude lower than in legacy system languages. Experts estimate the density of potential defects in Rust at roughly 0.2 per million lines of code, whereas in C and C++ it historically reaches into the thousands.

Google stresses that traditional system languages will continue to be part of the platform, yet the shift toward Rust is altering the balance: the safer path now also accelerates development. This transformation allows Android to grow more resilient without sacrificing performance — and to evolve at a faster pace.

Support Our Threat Intelligence

If you find our technology report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee PayPal Crypto

USDT (TRC20):

TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm Copy

USDT (ERC20):

0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce Copy