Skip to content

tin-z/CVE-2025-27363

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

CVE-2025-27363 (on Chrome 113)

Note: In chrome, this is not a new vulnerability, it was patched (roll-up commit) in March 2023. This PoC targets only chrome headless mode. However, I think it's an interesting read if you want to explore some internals and see the exploitation on PartitionAlloc when you have a small slot_size xD

Author: Altin (tin-z)

Env:

Table of contents:

Poc

python font_gen_POC.py

cp poc.ttf poc_rce/


About

Integer overflow in FreeType software, which also affects Chrome

Resources

Stars

31 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors