Issue:
- Title: WebCore::FontFallbackList::determinePitch memory corruption
- URL:

Key Information:
- CVE Identifier: (not explicitly mentioned, but likely tracked in security databases)
- Component: WebCore subsystem, specifically FontFallbackList
- Vulnerability Type: Memory corruption
- Description: After unpacking webkit30.rar, using the 2.xhtml and frame.jsp files in the unpacked content, and deploying them on a Tomcat server, visiting the frame.jsp file with Chrome triggers a memory corruption crash, indicated by an access violation with code c0000005.
- Technical Details:
  - The stack trace reports an exception at chrome_1f30000!WebCore::FontFallbackList::determinePitch+0x17; the accompanying assembly code and CPU state indicate the crash location.
  - The crash appears to occur while processing font metrics or during rendering operations within WebCore.

Status:
- Resolution: Fixed
- Severity: S1 (very high severity)
- Priority: P1 (highest priority)
- Labels: Vulnerability, Fixed, Security_Impact-Stable
- Assignee:
- Reporter:
- Verifier: (not specified in the screenshot)

Comments and Insights:
- 38 comments are present with ongoing discussion and technical insights.
- Limited commenting access for some users.