PoC details: 2b4997d6080757d6936fad7f20e193f4e9c49f84

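Source
Related vulnerability
Title: Mozilla Firefox and Mozilla Firefox ESR security vulnerability (CVE-2024-8381)
Description: Mozilla Firefox and Mozilla Firefox ESR are both products of the Mozilla Foundation (US). Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is an extended support release of Firefox (the web browser). Mozilla Firefox and Mozilla Firefox ESR contain a security vulnerability that stems from a type confusion flaw.
Description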
CVE-2024-8381: A SpiderMonkey Interpreter Type Confusion Bug.
Introduction
# CVE-2024-8381

A SpiderMonkey Interpreter Type Confusion Bug.

This repository contains analyses in markdown and slide forms, including root cause, PoC, and exploit.

Unfortunately, due to the nature of this bug, **the exploit is only applicable when ASLR is disabled**.

Slides: [Slides.pdf](Slides.pdf)

Analysis: [Analysis.md](Analysis.md)

## Demo

![CVE-2024-8381-Tailored](Videos/CVE-2024-8381-Tailored.gif)

## Reproduction Information

- OS: Ubuntu 24.04
- GLIBC: Ubuntu GLIBC 2.39-0ubuntu8.3
- Clang: `version 18.1.7 (taskcluster-EnF59hKVRyOsVdbwyVaiug)`, installed by `./mach bootstrap`
- Git Commit: [198d5fc1bebaaf114197a529ebdd4b9601045719](https://github.com/mozilla/gecko-dev/commit/198d5fc1bebaaf114197a529ebdd4b9601045719)
- PoC Execute Command: `obj-debug-x86_64-pc-linux-gnu/dist/bin/js PoC.js`
- Exploit Execute Command: `setarch x86_64 -R obj-opt-x86_64-pc-linux-gnu/dist/bin/js Exp.js`
- MOZConfig: Check `mozconfigs/`


## Acknowledgement

- Shoutout to [Nils Bars](https://x.com/__nils_) [@nbars](https://github.com/nbars) for finding the bug.

## References

1. https://www.cve.org/CVERecord?id=CVE-2024-8381
2. https://github.com/mozilla/gecko-dev/commit/fab7e5c28e628ddc2b873a723838562c9b41205e
3. https://github.com/mozilla/gecko-dev/commit/0ca509a3a7fbf4ff5d34cf25083a4427f3205549
4. https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/with
5. https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Symbol/unscopables
File snapshot

[4.0K] /data/pocs/2b4997d6080757d6936fad7f20e193f4e9c49f84
├── [ 25K] Analysis.md
├── [1.9K] Exp.js
├── [4.0K] images
│   ├── [260K] Exploit-Type-Confusion.png
│   └── [132K] PoC-Type-Confusion.png
├── [4.0K] mozconfigs
│   ├── [ 529] debug
│   └── [ 411] opt
├── [ 227] PoC.js
├── [1.5K] README.md
├── [334K] Slides.pdf
└── [4.0K] Videos
    ├── [2.1M] CVE-2024-8381.mp4
    ├── [2.1M] CVE-2024-8381-Tailored.gif
    └── [813K] CVE-2024-8381-Tailored.mp4

3 directories, 12 files