Explore a 35-minute Black Hat conference talk that delves into the security vulnerabilities hidden within Google's JavaScript engine V8, focusing on the Maglev mid-tier compiler. Learn about the potential exploits in Chrome's runtime and Just-In-Time (JIT) compilation process, stemming from newer features like built-in functions and optimization layers. Discover how complex code logic in the Maglev compilation layer can conceal undetected security risks. Gain insights from security researchers Nan Wang and Zhenghang Xiao as they uncover and explain these critical vulnerabilities in Chrome's JavaScript engine.
The Hat Trick - Exploit Chrome Twice from Runtime to JIT
Overview
Syllabus
The Hat Trick: Exploit Chrome Twice from Runtime to JIT
Taught by
Black Hat
Related Courses
-
Reviving JIT Vulnerabilities - Unleashing the Power of Maglev Compiler Bugs on Chrome Browser
-
JIT Leaks - Inducing Timing Side Channels through Just-In-Time Compilation
-
New Wine in an Old Bottle - Attacking Chrome WebSQL
-
Attacking Client-Side JIT Compilers
-
The Most Secure Browser? Pwning Chrome from 2016 to 2019
-
Vivisection of an Exploit Development Process
