Google Hardens Pixel Modems with Rust-Based DNS Parser
**Google** is integrating a **Rust**-based Domain Name System (DNS) parser into the modem firmware of **Pixel** devices, marking a significant step in bolstering device security. This move aims to mitigate vulnerabilities in a critical area and pave the way for wider adoption of memory-safe code within the **Android** ecosystem.

### Rust Integration for Enhanced Security
As part of its continued efforts to enhance the security of **Pixel** devices, **Google** has announced the integration of a **Rust**-based DNS parser into the modem firmware. This initiative aims to address memory-related vulnerabilities at a foundational level.
According to **Jiacheng Lu**, a software engineer on the **Google Pixel** Team, "The new Rust-based DNS parser significantly reduces our security risk by mitigating an entire class of vulnerabilities in a risky area, while also laying the foundation for broader adoption of memory-safe code in other areas."
This security enhancement is currently available for **Pixel 10** devices, making them the first **Pixel** devices to incorporate a memory-safe language into their modem.
### Background: Strengthening Baseband Security
This move builds on previous efforts to fortify the cellular baseband modem against potential exploits. In late 2023, **Google** emphasized the effectiveness of **Clang** sanitizers, such as Overflow Sanitizer (IntSan) and BoundsSanitizer (BoundSan), in detecting undefined behavior during program execution.
Furthermore, in 2024, **Google** detailed various security measures integrated into the modem firmware to defend against 2G exploits and baseband attacks that exploit memory-safety vulnerabilities, such as buffer overflows, to achieve remote code execution.
These security advancements are complemented by **Google's** ongoing adoption of **Rust** in **Android** and low-level firmware. In November 2025, the company reported a significant reduction in memory safety vulnerabilities, falling below 20% of total vulnerabilities discovered in the mobile operating system last year.
### Addressing DNS Vulnerabilities
**Google** chose the DNS protocol for its **Rust** implementation due to its fundamental role in modern cellular communications. Vulnerabilities in DNS, especially when implemented in memory-unsafe languages, can expose users to malicious attacks, as highlighted by **CVE-2024-27227**.
"With the evolution of cellular technology, modern cellular communications have migrated to digital data networks; consequently, even basic operations such as call forwarding rely on DNS services," **Google** stated. "Implementing the DNS parser in Rust offers value by decreasing the attack surfaces associated with memory unsafety."
### Implementation Details
For this implementation, **Google** selected the "hickory-proto" crate, a **Rust**-based DNS client, server, and resolver, and modified it to support bare metal and embedded environments. They also utilized a custom tool called "cargo-gnaw" to manage the crate's dependencies.
**Google** noted that the DNS **Rust** crate isn't optimized for memory-constrained systems and suggested that code size optimization could be achieved through feature flags to selectively compile only the required functionality.
"For the DNS parser, we declared the DNS response parsing API in C and then implemented the same API in Rust," **Google** explained. "The Rust function returns an integer standing for the error code. The received DNS answers in the DNS response are required to be updated to in-memory data structures that are coupled with the original C implementation; therefore, we use existing C functions to do it. The existing C functions are dispatched from the Rust implementation."