7 matches found
CVE-2019-9857
A flaw in the inotify subsystem can allow a local attacker to create a denial of service DOS situation in which the memory use of watches on existing watchpoints were not accounted for correctly...
WebKit JavaScriptCore - 'createRegExpMatchesArray' Type Confusion
/ Prerequisites ------------- In JavaScriptCore, JSObjects have an associated Structure: an object describing various aspects of the JSObject such as its type, its properties, and the type of elements being stored e.g. unboxed double or JSValues. Whenever a property is added to an object or some...
WebKit JavaScriptCore - CodeBlock Dangling Watchpoints Use-After-Free Exploit
WebKit JavaScriptCore - CodeBlock Dangling Watchpoints Use-After-Free Exploit / While fuzzing JavaScriptCore, I encountered the following simplified and commented JavaScript program which crashes jsc from current HEAD and release: / function v9 // Some watchpoint on the LexicalEnvironment is...
WebKit JavaScriptCore - CodeBlock Dangling Watchpoints Use-After-Free
WebKit JavaScriptCore - CodeBlock Dangling Watchpoints Use-After-Free / While fuzzing JavaScriptCore, I encountered the following simplified and commented JavaScript program which crashes jsc from current HEAD and release: / function v9 // Some watchpoint on the LexicalEnvironment is triggered he...
WebKit JavaScriptCore - createRegExpMatchesArray Type Confusion
WebKit JavaScriptCore - createRegExpMatchesArray Type Confusion / Prerequisites ------------- In JavaScriptCore, JSObjects have an associated Structure: an object describing various aspects of the JSObject such as its type, its properties, and the type of elements being stored e.g. unboxed double...
WebKit JavaScriptCore - CodeBlock Dangling Watchpoints Use-After-Free
/ While fuzzing JavaScriptCore, I encountered the following simplified and commented JavaScript program which crashes jsc from current HEAD and release: / function v9 // Some watchpoint on the LexicalEnvironment is triggered here // during the 2nd invocation which jettisons the CodeBlock for v9. ...
rVMI: Perform Full System Analysis with Ease
Manual dynamic analysis is an important concept. It enables us to observe the behavior of a sophisticated malware sample or exploit by executing it in a controlled environment. The information gathered through this process is often crucial in gaining a full understanding of a sample. When...