tags: v8, OOB_write, chrome, maglev, JIT
original link: Google Chrome V8 CVE-2024-0517 Out-of-Bounds Write Code Execution
newsletter link: exploits.club Weekly Newsletter 05


Exploits Club Summary:

Last week, we shared a link to the most recent Chrome Update Bulletin, and mentioned we were looking forward to @__suto’s write-up on the OOB write he used to pop V8CTF. While we are still excited for his eventual write-up, it seems his submission may have burnt a bug Exodus Intelligence was also uniquely familiar with. A few days after the patch was released, the company posted an in-depth write-up on the bug and corresponding exploit. The post does a good job of setting up the relevant context for those not overly familiar with browser internals, making it quite approachable.