Exploiting a Use-After-Free in SerenityOS's Ladybird Browser Engine
2025-05-01
A Use-After-Free (UAF) vulnerability has been discovered in LibJS, the JavaScript engine of Ladybird, a browser engine from the SerenityOS project. The bug stems from improper management of the interpreter's argument buffer and can be triggered with a maliciously crafted proxy function object and a `[[Get]]` handler. Exploiting the UAF yields arbitrary read and write primitives and culminates in code execution, demonstrated by executing `/calc`. The vulnerability was found with the Fuzzilli fuzzer and exploited through a series of steps involving memory leaking and object faking.