Google is reportedly reworking part of the Pixel 10 baseband with a new Rust security component, aiming at one of the most fragile layers inside a modern phone. The report says Google added a Rust-based module to the baseband as part of a broader push to reduce memory-related attack risks.
A cellular baseband is effectively its own operating environment, handling calls, text messages, mobile data, and network communication outside the main smartphone OS. Because baseband firmware has been built up over decades with large amounts of C and C++ code, it has long been a difficult target from a security perspective.
According to the report, Google Project Zero has found more than 24 vulnerabilities in Exynos basebands in recent years, including 18 rated as severe. Even when known flaws are patched, the size and complexity of legacy code still leave room for future issues, especially when manual memory management is involved.
That is where Rust comes in. Instead of relying on garbage collection, Rust enforces memory-safety rules during compilation through its borrow-checking model. In practice, that makes it possible to harden security-sensitive code paths without introducing the kind of runtime pauses that would be unacceptable in a real-time communications subsystem.
Rather than trying to rewrite huge amounts of proprietary modem code, Google reportedly chose a narrower entry point: the DNS parser. Since DNS traffic involves parsing untrusted external data, it is a natural place to reduce the risk of memory attacks. The Rust-based piece is said to rely on the open-source hickory-proto library, adapted and embedded into the existing C/C++ architecture.
The added Rust component reportedly increases the baseband footprint by only 371KB, which is a small tradeoff for a dedicated security barrier in a critical subsystem. If accurate, the Pixel 10 would be the first phone to ship with this approach, and it could become an early sign of how vendors may start modernizing modem security without tearing up their entire stack.
