
CVE-2021-30632 PoC - Google Chrome Buffer Error Vulnerability

Source
Associated Vulnerability
Title: Google Chrome Buffer Error Vulnerability (CVE-2021-30632)
Description: Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Description
PoC CVE-2021-30632 - Out of bounds write in V8
Readme
# PoC-CVE-2021-30632
PoC CVE-2021-30632 - Out of bounds write in V8


Tested against Samsung Internet Browser v15.0.2.47, which does not yet have Google's patch.

This bug is caused by global property "stores" to existing values whose maps are unstable lacking a
stability code dependency in the affected versions.
It is exploitable because global property "loads" benefit from "CheckMaps" removal when a stability code dependency
is in place for their value's map, so a load can be optimized on the assumption of a map that a later store no longer guarantees.

The recipe for exploitation is to transition an array from PACKED_SMI elements with a stable map to
PACKED_DOUBLE elements, and to have multiple JITted functions that each deal with one kind of array.
The resulting type confusion between PACKED_SMI and PACKED_DOUBLE elements yields out-of-bounds read/write.
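A practitioner's first question when a PoC like this lands is which builds are affected. The following triage helper is an added example, not code from the PoC repository: it takes the fixed Chrome version stated in the advisory (93.0.4577.82) and compares a user-agent's reported Chrome build against it numerically rather than lexically. The user-agent strings are constructed samples, and the function names are this example's own.

```javascript
// Added example (not part of the PoC repository): triage helper that checks whether a
// user-agent reports a Chrome/Chromium build older than the fixed version from the advisory.
// The fixed version comes from the advisory text; the UA samples below are constructed.

const FIXED_CHROME_VERSION = '93.0.4577.82';

// Parse a dotted version into a numeric tuple, e.g. "93.0.4577.82" -> [93, 0, 4577, 82].
function parseVersion(v) {
  const parts = String(v).split('.').map(Number);
  if (parts.length === 0 || parts.some(n => !Number.isInteger(n) || n < 0)) {
    throw new Error(`malformed version: ${v}`);
  }
  return parts;
}

// Compare two dotted versions numerically. A lexical comparison would wrongly put
// "93.0.4577.9" after "93.0.4577.82"; missing trailing components count as 0.
function compareVersions(a, b) {
  const pa = parseVersion(a);
  const pb = parseVersion(b);
  const n = Math.max(pa.length, pb.length);
  for (let i = 0; i < n; i++) {
    const x = pa[i] ?? 0;
    const y = pb[i] ?? 0;
    if (x !== y) return x < y ? -1 : 1;
  }
  return 0;
}

// Extract the "Chrome/<version>" token from a user-agent string, or null if absent.
function chromeVersionFromUA(ua) {
  const m = /\bChrome\/(\d+(?:\.\d+){0,3})/.exec(ua);
  return m ? m[1] : null;
}

// true  : UA reports a Chrome build older than the fixed version
// false : UA reports the fixed build or newer
// null  : no Chrome/Chromium version token present (e.g. Firefox, Safari)
function isVulnerableToCVE202130632(ua) {
  const v = chromeVersionFromUA(ua);
  if (v === null) return null;
  return compareVersions(v, FIXED_CHROME_VERSION) < 0;
}

// Stand-alone usage with constructed user-agent samples.
const SAMPLE_UAS = [
  'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36',
  'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36',
  'Mozilla/5.0 (Windows NT 10.0; rv:92.0) Gecko/20100101 Firefox/92.0',
];
for (const ua of SAMPLE_UAS) {
  console.log(isVulnerableToCVE202130632(ua), '<-', chromeVersionFromUA(ua) ?? 'no Chrome token');
}
```

For Chromium derivatives such as Samsung Internet, the Chrome/ token reflects the upstream base the vendor built from, and vendors backport fixes on their own schedule, so treat the result as a hint rather than a verdict and confirm against the vendor's own release notes.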
File Snapshot

[4.0K] /data/pocs/bc36fd3c64633c0a27fd1524c6334cb0f2704ecd
├── [5.0K] poc.html
└── [ 778] README.md

0 directories, 2 files