Vulners
Lucene search
Chrome 121 Javascript Fork Malloc Bomb
🗓️ 29 Jan 2024 00:00:00Reported by Georgi GuninskiType 
packetstorm🔗 packetstormsecurity.com👁 302 Views
`Searching the web for `javascript fork malloc bomb` returns results,
e.g. [here][1]: and [here][2]:
We got a javascript fork malloc bomb which crashed Chrome 121 on linux
with SIGILL and about one in five runs the virtual machine freezes.
SIGILL almost always is a sign of memory corruption :)
On android it crashes the current tab without explanation.
Firefox 121 on linux also crashes the current tab.
In all cases except the sporadic freezes, the browser remains functioning,
not counting the crashed tab.
The javscript code is simply simple:
`setInterval("document.body.innerHTML += document.body.innerHTML ",1);`
[Online demo][3]: In case someone wants to test it on other browsers
or debug.
The GNU/linux tests took about 1.5 minutes in a virtual machine with
4GB RAM and single core.
[1]: http://wiki.glitchdata.com/index.php/Examples_of_fork_bombs#JavaScript
[2]: https://gist.github.com/betandr/f0cbbb663accc3a76c11cc7661711566#javascript
[3]: https://www.guninski.com/fork1.html
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
29 Jan 2024 00:00Current
7.4High risk
Vulners AI Score7.4