Today we’ve expanded the scope and rewards for the Chrome VRP V8 sandbox bypass rewards to include any demonstrated memory corruption outside the sandbox. (https://g.co/chrome/vrp#v8-sandbox-bypass-rewards)
The V8 sandbox is not yet considered a security boundary, but this expansion is one of many precursors to get there.
We do hope that if you’re doing browser or V8 research, you’ll start playing in our sandbox!
Also we have opened previous V8 sandbox submissions under the previous scope for early public disclosure in our bug tracker. This is a treasure trove of information for learning about known bypass techniques. (https://issues.chromium.org/hotlists/4802478)
Posted by amy@infosec.exchange
@amy congrats to this big milestone in the v8 sandbox! kudos @saelo, @tsuro, @cffsmith and team 👏
Posted by freddy@security.plumbing