The DCHECK Illusion: Why Chrome’s ‘Trusted Path’ Policy Creates the Vulnerabilities It Claims to Prevent
In August 2022, CVE-2022-3075 was disclosed: a heap corruption vulnerability in Chrome’s Mojo IPC that enabled sandbox escape. Google rated it Critical. It had been exploited in the wild. The bug was simple: Mojo’s nullptr element validator skipped type validation in a specific deserialization path. An attacker with renderer code execution could send a crafted … Read more