Google Chromium V8, Type Confusion, CVE-2024-3833 (Critical)

Listen to this Post

How the mentioned CVE works: This CVE is a type confusion vulnerability within the V8 JavaScript engine. The flaw arises during the compilation of optimized code, where an incorrect assumption is made about an object’s type. An attacker can craft malicious JavaScript code that triggers an optimization pass, leading the JIT compiler to infer an object is of a specific type. Subsequent execution, however, can manipulate the object into being a different type, causing the pre-compiled code to perform unsafe operations on the memory pointer. This type confusion corrupts memory and can be exploited to achieve remote code execution within the context of the browser renderer process, bypassing security sandboxes.
Platform: Google Chromium
Version: prior to 124.0.6367.207
Vulnerability: Type Confusion
Severity: Critical

date: 2024-05-07

Prediction: 2024-05-14

What Undercode Say:

`git log –oneline –grep=”3833″ –all`

`v8/src/compiler/type-hierarchy.cc`

`test/mjsunit/compiler/regress-1234567.js`

How Exploit:

Malicious JavaScript triggers JIT optimization.

Code manipulates object types post-compilation.

Type confusion leads to memory corruption.

RCE within the renderer sandbox.

Protection from this CVE:

Update to Chromium 124.0.6367.207.

Disable JavaScript execution.

Apply upstream vendor patches.

Impact:

Remote Code Execution.

Compromise of user system.

Bypass of security sandbox.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: nvd.nist.gov
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top