2021
05.15

Chrome Array Transfer Bypass

Category: exploit / Tags: no tag / Add Comment

The fix for CVE-2021-21148 has added a check in |ValueSerializer::WriteJSArrayBuffer| to make sure non-detachable array buffers cannot be transferred. The check can be bypassed with the help of asm.js and property getters.

No Comment.

Add Your Comment

Your Comment

You must be logged in to post a comment.