HomeCyber BalkansChrome UAF Process Vulnerabilities Currently Being Targeted

Chrome UAF Process Vulnerabilities Currently Being Targeted

Published on

spot_img

Security researchers have reported that two critical use-after-free (UAF) vulnerabilities in Google Chrome’s Browser process were actively exploited in the wild, putting users at risk of potential sandbox escapes and arbitrary code execution.

However, the implementation of the MiraclePtr defense mechanism by Google has effectively prevented these vulnerabilities from being exploited, marking a significant advancement in browser security.

The vulnerabilities, as detailed in the official report from SSD Labs, were present in Chrome versions 133.0.6835.0 to 135.0.7016.0. The bugs stemmed from the mishandling of callbacks bound to raw pointers and WeakPtr, particularly within the synchronization services.

For instance, the vulnerability could be triggered in the code snippet from components/sync/service/sync_service_impl.cc, where the destruction of the callback’s instance while the task is still executing leads to a UAF condition.

The mechanism behind this vulnerability involves hidden reference counters that increase each time a pointer is allocated. Only when all references are gone is the memory actually freed, and an attempt to use a freed pointer results in an intentional crash, not code execution.

Demonstrations have revealed that opening certain Chrome pages and quickly closing the associated window could exploit the vulnerable code paths, causing a crash and potential exploitation. However, with MiraclePtr in place, these attempts only result in a crash without compromising security.

The prompt identification and mitigation of these UAF vulnerabilities, thanks to Chrome’s proactive defense measures, emphasize the ongoing arms race in browser security. Despite being actively exploited in the wild, the utilization of MiraclePtr has effectively thwarted these attacks for the time being.

Security experts advise all Chrome users to ensure their browsers are up to date to safeguard against similar threats. The continuous enhancement of MiraclePtr technology underscores Google’s dedication to shielding its extensive user base from even the most sophisticated cyber attacks.

Source link

Latest articles

CISA Issues Warning About Exploited File Upload Vulnerabilities in iCagenda and Balbooa Forms

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited...

Can AI Bridge the Gap in Cybersecurity Inequality?

In the rapidly evolving landscape of artificial intelligence (AI) and cybersecurity, the integration of...

Jscrambler NPM Supply Chain Attack Compromises Cloud Credentials and Crypto Wallet Secrets

Supply Chain Compromise: Jscrambler npm Package Under Siege In a recent cybersecurity incident, a malicious...

New GhostCommit Technique Conceals Exploits in Images to Avoid Detection by AI Code Reviewers

Researchers Uncover GhostCommit Technique: A New Threat to Code Security In a groundbreaking revelation, researchers...

More like this

CISA Issues Warning About Exploited File Upload Vulnerabilities in iCagenda and Balbooa Forms

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited...

Can AI Bridge the Gap in Cybersecurity Inequality?

In the rapidly evolving landscape of artificial intelligence (AI) and cybersecurity, the integration of...

Jscrambler NPM Supply Chain Attack Compromises Cloud Credentials and Crypto Wallet Secrets

Supply Chain Compromise: Jscrambler npm Package Under Siege In a recent cybersecurity incident, a malicious...