The Hat Trick: Exploit Chrome Twice from Runtime to JIT
With updates to the JS standard and requirements for higher runtime efficiency, Google’s JS engine V8 has implemented newer features such as built-in functions like and the Maglev mid-tier compiler.
Maglev is a compilation optimization layer in V8 that is situated between Sparkplug and Turbofan in order to accelerate the optimization and compilation of JS code. However, due to the involvement of compilation and optimization-related mechanisms in the Maglev compilation layer, deep and complex code logic can hide undetected security vulnerabilities....
By: Nan Wang , Zhenghang Xiao
Full Abstract and Presentation Materials: #the-hat-trick-exploit-chrome-twice-from-runtime-to-jit-31557
2 months ago 00:05:43 1
2 months ago 01:27:46 1
2 months ago 00:00:52 1
2 months ago 00:05:01 1
2 months ago 00:31:18 1
![Kubernetes: The Documentary [PART 2]](https://sun9-27.userapi.com/-1OnombZh5ePDnPxRr164YfU1t8BpYD2qnQiJA/l8emtF8KJaw.jpg)
2 months ago 00:24:55 1
![Kubernetes: The Documentary [PART 1]](https://sun9-31.userapi.com/-ImcEx_sgVPVT8LqOAgKyQ_7dP0qFSm8qsI3wA/bF1PBzMXCyE.jpg)
2 months ago 00:04:20 1
2 months ago 00:09:09 1
2 months ago 00:51:11 1
2 months ago 00:00:00 1
2 months ago 00:09:30 2
2 months ago 00:00:54 1
2 months ago 00:07:53 1
2 months ago 00:05:45 1
2 months ago 00:50:14 1
![Chevelle - Hats Off To The Bull (Full Album) [2011]](https://sun9-17.userapi.com/FVXhiaPgSujk0Lupm8f0DGcIs04N6OEiD5ILag/wh38t6Bbp1Q.jpg)
2 months ago 00:00:39 1
2 months ago 00:22:49 1
2 months ago 00:54:03 1
2 months ago 00:00:58 1
2 months ago 00:05:54 1
2 months ago 00:08:20 1
2 months ago 00:03:18 1
2 months ago 01:19:54 1
2 months ago 00:02:41 1
