Chrome actively exploited 0-day vulnerability (CVE-2023-2033: type confusion in the V8 engine)
[0-day] JIT optimisation issue (Issue 1432210, CVE-2023-2033, Blink>JavaScript>Runtime & Blink>JavaScript>Compiler)

"There seems to be a JIT optimisation issue allowing an attacker to leak TheHole value. Filing this bug now as it is used ITW and we have a PoC demonstrating the issue. This might be an issue similar to CVE-2022-1364."

How to reproduce: TheHole is leaked when using optimization.

$ ./d8 --allow-natives-syntax hole.js

The same code fails with no optimization:

$ ./d8 --allow-natives-syntax --no-opt hole.js