V8 type confusion allows chrome sandbox escape
Man Yue Mo: https://github.com/github/securitylab/tree/main/SecurityExploits/Chrome/v8/CVE_2023_3420 https://github.blog/2023-09-26-getting-rce-in-chrome-with-incorrect-side-effect-in-the-jit-compiler/
V8 type confusion allows chrome sandbox escape
Man Yue Mo: https://github.com/github/securitylab/tree/main/SecurityExploits/Chrome/v8/CVE_2023_3420 https://github.blog/2023-09-26-getting-rce-in-chrome-with-incorrect-side-effect-in-the-jit-compiler/