NDSS 2025 – A Holistic Security Analysis Of Google Fuchsia’s (And gVisor’s) Network Stack
2025-11-12 20:00:00 Author: securityboulevard.com

SESSION
Session 2D: Android Security 1


Authors, Creators & Presenters: Inon Kaplan (Independent Researcher), Ron Even (Independent Researcher), Amit Klein (The Hebrew University Of Jerusalem, Israel)

PAPER
You Can Rand but You Can’t Hide: A Holistic Security Analysis of Google Fuchsia’s (and gVisor’s) Network Stack
This research is the first holistic analysis of the algorithmic security of the Google Fuchsia/gVisor network stack. Google Fuchsia is a new operating system developed by Google in a “clean slate” fashion. It is conjectured to eventually replace Android as an operating system for smartphones, tablets, and IoT devices. Fuchsia is already running in millions of Google Nest Hub consumer products. Google gVisor is an application kernel used by Google’s App Engine, Cloud Functions, Cloud ML Engine, Cloud Run, and Google Kubernetes Engine (GKE). Google Fuchsia uses the gVisor network stack code for its TCP/IP implementation. We report multiple vulnerabilities in the algorithms used by Fuchsia/gVisor to populate network protocol header fields, specifically the TCP initial sequence number, TCP timestamp, TCP and UDP source ports, and IPv4/IPv6 fragment ID fields. In our holistic analysis, we show how a combination of multiple attacks results in the exposure of a PRNG seed and a hashing key used to generate the above fields. This enables an attacker to predict future values of the fields, which facilitates several network attacks. Our work focuses on web-based device tracking based on the stability and relative uniqueness of the PRNG seed and the hashing key. We demonstrate our device tracking techniques over the Internet with browsers running on multiple Fuchsia devices, in multiple browser modes (regular/privacy), and over multiple networks (including IPv4 vs. IPv6). Our tests verify that device tracking for Fuchsia is practical and yields a reliable device ID. We conclude with recommendations on mitigating the attacks and their root causes. We reported our findings to Google, which issued CVEs and patches for the security vulnerabilities we disclosed.
ABOUT NDSS
The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.

Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators’, Authors’ and Presenters’ superb NDSS Symposium 2025 Conference content on the organization’s YouTube channel.


*** This is a Security Bloggers Network syndicated blog from Infosecurity.US authored by Marc Handelman. Read the original post at: https://www.youtube-nocookie.com/embed/RLdbNoVkYIE?si=bM_B_j10dVZvJb6C


Article source: https://securityboulevard.com/2025/11/ndss-2025-a-holistic-security-analysis-of-google-fuchsias-and-gvisors-network-stack/