The Hat Trick - Exploit Chrome Twice from Runtime to JIT

Explore a 35-minute Black Hat conference talk that delves into the security vulnerabilities hidden within Google's JavaScript engine V8, focusing on the Maglev mid-tier compiler. Learn about the potential exploits in Chrome's runtime and Just-In-Time (JIT) compilation process, stemming from newer features like built-in functions and optimization layers. Discover how complex code logic in the Maglev compilation layer can conceal undetected security risks. Gain insights from security researchers Nan Wang and Zhenghang Xiao as they uncover and explain these critical vulnerabilities in Chrome's JavaScript engine.

The Hat Trick: Exploit Chrome Twice from Runtime to JIT