Microsoft Edge Chakra - InterpreterStackFrame::ProcessLinkFailedAsmJsModule Incorrect Usage of PushPopFrameHelper (Denial of Service)

Microsoft Edge Chakra - InterpreterStackFrame::ProcessLinkFailedAsmJsModule Incorrect Usage of PushPopFrameHelper Denial of Service GetScriptContext-GetThreadContext-GetLeafInterpreterFrame; GetLoopHeaderinterpreterFrame-GetCurrentLoopNum; GetCurrentLoopNum == -1 ... PoC: -- function asmModule 'u...

Microsoft Edge Chakra PushPopFrameHelper Incorrect Usage Exploit

Microsoft Edge Chakra suffers from an incorrect usage of PushPopFrameHelper in InterpreterStackFrame::ProcessLinkFailedAsmJsModule. Microsoft Edge: Chakra: Incorrect usage of PushPopFrameHelper in InterpreterStackFrame::ProcessLinkFailedAsmJsModule CVE-2017-8646 PushPopFrameHelper is a class that...

Microsoft Edge: Chakra: Incorrect usage of PushPopFrameHelper in InterpreterStackFrame::ProcessLinkFailedAsmJsModule(CVE-2017-8646)

PushPopFrameHelper is a class that pushes the current stack frame object in its constructor and pops it in the destructor. So it should be used like "PushPopFrameHelper holder...", but InterpreterStackFrame::ProcessLinkFailedAsmJsModule uses it like a function. Var...

Microsoft Edge Chakra PushPopFrameHelper Incorrect Usage

Microsoft Edge: Chakra: Incorrect usage of PushPopFrameHelper in InterpreterStackFrame::ProcessLinkFailedAsmJsModule CVE-2017-8646 PushPopFrameHelper is a class that pushes the current stack frame object in its constructor and pops it in the destructor. So it should be used like "PushPopFrameHelp...