Google Chrome V8 ArrayShift Race Condition Remote Code Execution

By Javier Jimenez

Overview

This post describes a method of exploiting a race condition in the V8 JavaScript engine, version 9.1.269.33. The vulnerability affects the following versions of Chrome and Edge:

Google Chrome versions between 90.0.4430.0 and 91.0.4472.100.
Microsoft Edge versions between 90.0.818.39 and 91.0.864.41.

The vulnerability occurs when one of the TurboFan jobs generates a …