Mathias Payer@gannimo@infosec.exchange
🚂
Murder on the JNI Express 🚂
Hercule Poirot solved murders.
Droidot solves... memory corruption.
On the Android Express, every app is a suspect and their outdated native C/C++ libraries are hiding skeletons in the .so closet.
We investigated 3,967 of the most popular apps, following every JNI call like a trail of footprints in the snow.
Our case file:
🕵️♂️
4,282 crashes
🔓
34 confirmed vulnerabilities
📜
3 CVEs
The culprit?
Buggy libraries traveling incognito between apps.
Interested? Check out https://nebelwelt.net/blog/2025/0813-droidot.html or meet us this week at #usenixsecurity!