WebGL shader leaks VRAM data
Closed this issue · 1 comments
paulthomson commented
[Shaders, screenshots, error log, reproduction steps, platform info, etc.] [ZIP]
This shader appears to cause VRAM data to be output. This allows a malicious WebGL web page to capture and upload the contents of other browser tabs in Chrome and the stock browser.
Here is an example of an image captured by our proof-of-concept malicious web page. The image shows the contents of another browser tab that was showing a banking web page.
We have not included the shader files.
paulthomson commented
Cannot reproduce on the latest update for the S6.