谷歌安卓团队：Rust代码漏洞密度仅为C/C++千分之一

DoNews

Nov 15

谷歌安卓团队发布最新报告称，2025年Android内存安全类漏洞占比首次降至20%以下。目前平台约有500万行Rust代码，潜在内存安全问题为每百万行0.2个，而C/C++历史数据约为每百万行1000个。Rust代码的回滚率仅为C++的四分之一，代码审查耗时减少约25%。基于系统编程语言的数据对比显示，Rust使用量快速增长，新C++代码量持续下降。在软件交付方面，采用DORA评估框架的结果显示...

Source Link

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/news/2583539246"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"isCrawlerRequest":true,"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2583539246\",edition:\"fundamental\",auth_exemption:1,,,undefined,":{"share":"https://ttm.financial/m/news/2583539246?lang=en_US&edition=fundamental","thumbnail":"","is_english":false,"pubTime":"2025-11-15 22:11","share_image_url":"https://static.laohu8.com/9a95c1376e76363c1401fee7d3717173","id":"2583539246","market":"us","top_or_hot":-1,"title":"谷歌安卓团队：Rust代码漏洞密度仅为C/C++千分之一","media":"DoNews","content":"<div>\n<p>谷歌安卓团队发布最新报告称，2025年Android内存安全类漏洞占比首次降至20%以下。目前平台约有500万行Rust代码，潜在内存安全问题为每百万行0.2个，而C/C++历史数据约为每百万行1000个。Rust代码的回滚率仅为C++的四分之一，代码审查耗时减少约25%。基于系统编程语言的数据对比显示，Rust使用量快速增长，新C++代码量持续下降。在软件交付方面，采用DORA评估框架的结果显示...</p>\n\n<a href=\"http://gu.qq.com/resources/shy/news/detail-v2/index.html#/?id=nesSN202511152217169506642e&s=b\">Source Link</a>\n\n</div>\n","source":"tencent","html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>谷歌安卓团队：Rust代码漏洞密度仅为C/C++千分之一</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\n谷歌安卓团队：Rust代码漏洞密度仅为C/C++千分之一\n</h2>\n\n<h4 class=\"meta\">\n\n\n2025-11-15 22:11 北京时间&nbsp;&nbsp;&nbsp;<a href=http://gu.qq.com/resources/shy/news/detail-v2/index.html#/?id=nesSN202511152217169506642e&s=b><strong>DoNews</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>谷歌安卓团队发布最新报告称，2025年Android内存安全类漏洞占比首次降至20%以下。目前平台约有500万行Rust代码，潜在内存安全问题为每百万行0.2个，而C/C++历史数据约为每百万行1000个。Rust代码的回滚率仅为C++的四分之一，代码审查耗时减少约25%。基于系统编程语言的数据对比显示，Rust使用量快速增长，新C++代码量持续下降。在软件交付方面，采用DORA评估框架的结果显示...</p>\n\n<a href=\"http://gu.qq.com/resources/shy/news/detail-v2/index.html#/?id=nesSN202511152217169506642e&s=b\">Source Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"LU2461242641.AUD","symbol_name":"WELLINGTON US QUALITY GROWTH \"A\" (AUDHDG) ACC","start_time":0,"source_url":"http://gu.qq.com/resources/shy/news/detail-v2/index.html#/?id=nesSN202511152217169506642e&s=b","article_id":"2583539246","we_media_id":null,"thumbnails":[],"rights":{"source":"tencent","url":"http://gu.qq.com/resources/shy/news/detail-v2/index.html#/?id=nesSN202511152217169506642e&s=b","rn_cache_url":null,"customStyle":"body{padding-top:10px;}#news_title{font-weight:bold;#titleStyle#;}#news_description span{font-size:12px;#descriptionStyle#;}.footer-note{#statement#}","selectors":".mod-LoadTzbdNews, body","filters":".relate-stock, .hot-list, .recom-box, .wx-sou","directOrigin":true},"url":"https://stock-news.laohu8.com/highlight/detail?id=2583539246","pubTimestamp":1763215862,"columns":[],"sourceInfo":{"source_id":"tencent","name":"腾讯"},"weMediaInfo":null,"summary":"谷歌安卓团队发布最新报告称，2025年Android内存安全类漏洞占比首次降至20%以下。目前平台约有500万行Rust代码，潜在内存安全问题为每百万行0.2个，而C/C++历史数据约为每百万行1000个。Rust代码的回滚率仅为C++的四分之一，代码审查耗时减少约25%。基于系统编程语言的数据对比显示，Rust使用量快速增长，新C++代码量持续下降。团队披露首个“几乎发生”的Rust内存安全漏洞CVE-2025-48530，出现在CrabbyAVIF组件中的线性缓冲区溢出。","collect":0,"end_time":0,"defaultTopTitle":"qq.com","property":[],"viewcount":null,"language":"zh","relate_stocks":{"LU2461242641.AUD":"WELLINGTON US QUALITY GROWTH \"A\" (AUDHDG) ACC","LU0426417589.USD":"NINETY ONE GSF GLOBAL FRANCHISE \"A\" (USD) INC","BK4554":"元宇宙及AR概念","BK4581":"高盛持仓","LU2361044865.SGD":"WELLINGTON US QUALITY GROWTH \"A\" (SGDHDG) ACC","LU0048584097.USD":"FIDELITY FUNDS  GLOBAL THEMATIC OPPORTUNITIES \"A\" (USD) INC","LU0080751232.USD":"富达环球多元动力基金A","USJW.SI":"ALPHAB 3xLongSG261006","LU2065169927.USD":"M&G (LUX) GLOBAL MAXIMA \"A\" (USD) ACC","LU0029864427.USD":"TEMPLETON GLOBAL \"A\" (USD) INC","LU2168564495.EUR":"AZ ALLOCATION - TREND \"AI\" (EUR) ACC","LU2168564222.USD":"AZ ALLOCATION - TREND \"AAZ\" (USDHDG) ACC","LU0345774391.USD":"NINETY ONE GSF AMERICAN FRANCHISE \"A\" (USD) ACC","LU1043141396.HKD":"NINETY ONE GSF GLOBAL FRANCHISE \"A\" (HKD) ACC","LU0708994859.HKD":"TEMPLETON GLOBAL \"A\" (HKD) ACC","LU2720916845.USD":"BGF GLOBAL UNCONSTRAINED EQUITY \"A2\" (USD) ACC","LU1116320901.HKD":"BGF SYSTEMATIC GLOBAL ENHANCED EQUITY YIELD \"A6\" (HKD) INC","LU1974910355.USD":"Allianz Thematica Cl AMg DIS USD","LU1046421795.USD":"富达环球科技A-ACC","LU0203347892.USD":"SCHRODER ISF QEP GLOBAL ACTIVE VALLUE \"A\" (USD)  INC AV","LU0823434583.USD":"BNP PARIBAS US GROWTH \"C\" (USD) ACC","LU1868836591.USD":"CT (LUX) I AMERICAN \"1U\"(USD) ACC","IE0005OL40V9.USD":"JANUS HENDERSON BALANCED \"A6M\" (USD) INC","IE0034235303.USD":"PINEBRIDGE US RESEARCH ENHANCED CORE EQUITY \"A\" (USD) ACC","LU2237443382.USD":"Aberdeen Standard SICAV I - Global Dynamic Dividend A MIncA USD","GOOGL":"谷歌A","LU0052756011.USD":"TEMPLETON GLOBAL BALANCED \"A\" (USD) INC","LU0127658192.USD":"EASTSPRING INVESTMENTS GLOBAL TECHNOLOGY \"A\" (USD) ACC","LU0175139822.USD":"AB FCP I Global Equity Blend A USD","LU2361044949.HKD":"WELLINGTON US QUALITY GROWTH \"A\" (HKD) ACC","IE00BHPRN162.USD":"BNY MELLON BLOCKCHAIN INNOVATION \"B\" (USD) ACC","LU0965508806.USD":"AB LOW VOLATILITY EQUITY PORTFOLIO \"AD\" (USD) INC","LU2237443622.USD":"Aberdeen Standard SICAV I - Global Dynamic Dividend A Acc USD","LU2236285917.USD":"ALLIANZ GLOBAL INCOME \"AMG\" (USD) INC","LU0994945656.USD":"NINETY ONE GSF GLOBAL FRANCHISE \"A\" (USD) INC 2","LU1814569148.SGD":"WELLINGTON GLOBAL QUALITY GROWTH \"D\" (SGDHDG) ACC","LU1823568750.SGD":"Fidelity Global Technology A-ACC SGD","SGXZ81514606.USD":"大华环球创新基金A Acc USD","LU0348723411.USD":"ALLIANZ GLOBAL HI-TECH GROWTH \"A\" (USD) INC","LU2463028550.USD":"AB SICAV I AMERICAN MULTI-ASSET PORTFOLIO \"A\" (USD) ACC","LU1674673691.USD":"HSBC GIF GLOBAL LOWER CARBON EQUITY \"AD\" (USD) INC","LU2491049909.HKD":"WELLINGTON SUSTAINABLE OUTCOMES \"A\" (HKD) ACC","GOOG":"谷歌","LU0494093205.USD":"贝莱德ESG灵活多元资产A2 USD-H","LU0210528500.USD":"JPM AMERICA EQUITY \"A\" ACC","SG9999015952.SGD":"LIONGLOBAL DISRUPTIVE INNOVATION \"I\" (SGD) ACC","LU0312595415.SGD":"Schroder ISF Global Climate Change Equity A Acc SGD","LU0342679015.USD":"ALLIANZ GLOBAL EQUITY UNCONSTRAINED \"AT\" (USD) ACC","LU2552382058.USD":"WELLINGTON US BRAND POWER \"A\" (USD) ACC","LU2242649171.HKD":"FIDELITY FUNDS GLOBAL THEMATIC OPPORTUNITIES \"A\" (HKD) ACC"},"translate_title":"Google Android team: Rust code vulnerability density is only one thousandth of C/C + +","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"GOOG":1.5,"GOOGL":1.5,"USJW.SI":0.6},"content_text":"谷歌安卓团队发布最新报告称，2025年Android内存安全类漏洞占比首次降至20%以下。目前平台约有500万行Rust代码，潜在内存安全问题为每百万行0.2个，而C/C++历史数据约为每百万行1000个。Rust代码的回滚率仅为C++的四分之一，代码审查耗时减少约25%。基于系统编程语言的数据对比显示，Rust使用量快速增长，新C++代码量持续下降。在软件交付方面，采用DORA评估框架的结果显示，Rust提交的代码修改所需审查轮次更少，自2023年起趋势稳定；低回滚率提升了整体交付速度，减少了返工、重新构建与额外审查等组织性成本。Google正扩大Rust应用范围：Android 6.12内核首次启用Rust支持，并上线首个生产版Rust驱动；与Arm和Collabora合作推进Rust版GPU驱动；部分固件中已使用Rust，并推进Rusted Firmware-A项目以降低固件风险。多款关键应用已采用Rust，包括Nearby Presence蓝牙协议、RCS消息的MLS安全通信协议（未来将集成至Google信息app）、Chromium中的PNG、JSON和网页字体解析器。团队披露首个“几乎发生”的Rust内存安全漏洞CVE-2025-48530，出现在CrabbyAVIF组件中的线性缓冲区溢出。因Android默认Scudo加固分配器使用保护页，漏洞被阻断于公开版本之外，未造成实际影响。报告指出，Scudo能将溢出从静默损坏转为可检测崩溃，促使问题及时修复；Google已优化相关崩溃报告机制，以便未来更快定位原因。报告总结称，以往安全改进常伴随性能牺牲或流程成本增加，而Rust实现了“更安全也更高效”的路径，使Android可在提升开发速度的同时修复问题，改善产品稳定性与开发效率。","kind":"news","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":false,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"0","news_tag":"","news_rank":0,"symbols":[],"gpt_button":1,"need_auth":false,"code":"91000000","status":"200"}}}