Chromium Browser DoS Attack via document.title Exploitation
5 months ago
- #vulnerability
- #browser
- #security
- Brash is a critical denial-of-service vulnerability in Chromium's Blink rendering engine; according to the disclosure, a page exploiting it makes the browser unresponsive or crashes it within 15-60 seconds.
- The exploit abuses the absence of any rate limiting on assignments to `document.title`: each assignment is a DOM mutation handled synchronously on the renderer's main thread, and a tight loop can issue millions of them per second.
- Saturating the main thread starves the event loop, so rendering, input handling and script execution stall while CPU usage stays pinned, until the tab or browser collapses.
- Affects all Chromium-based browsers (Chrome, Edge, Vivaldi, etc.); Firefox (Gecko) and Safari (WebKit) are not affected.
- The attack preloads 100 unique strings before the hot loop, so every assignment is a distinct value and no string building happens while the loop runs; the author's stated goals are maximum mutation rate and avoiding detection.
- Three phases: string generation, a burst of title assignments, then continuous updates that keep the UI frozen.
- Impact includes system-wide performance degradation, an unresponsive (halted) renderer process, and the potential for coordinated attacks against many users at once.
- The payload can be armed with delayed or scheduled execution, which makes it dangerous when it fires during time-critical work.
- Potential real-world impacts cited: disruption of financial markets, interference with systems during medical emergencies, and use as a distraction in fraud schemes.
- Intended for educational and security research purposes only, with strict ethical guidelines.
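The missing control the summary describes, as an added example (not code from the Brash disclosure or from Chromium): a rate limit on `document.title` assignments that coalesces bursts so only a bounded number of writes per rolling second reach the real setter, while the page's last intended title is never lost. It is written against any object that exposes a `title` accessor on its prototype, the shape the browser's `Document.prototype` has, so it can be exercised in Node with a constructed stand-in and installed on the real `document` in a browser. The 20-per-second limit, the one-second window, the `FakeDocument` stub and the simulated burst sizes are assumptions chosen for illustration.

```javascript
// Added example, not from the original article or from Chromium.
// A rate-limited shim around the `title` accessor of a document-like object:
// at most `maxPerSecond` assignments per rolling one-second window reach the
// underlying setter; excess writes are dropped, but the latest dropped value
// is kept and applied by flush() so the final title still wins.
// The clock is injectable so the behaviour can be tested deterministically.

// Find the accessor descriptor for `prop` on the object or its prototype chain
// (in a browser, document.title lives on Document.prototype).
function findAccessor(obj, prop) {
  for (let o = obj; o !== null; o = Object.getPrototypeOf(o)) {
    const d = Object.getOwnPropertyDescriptor(o, prop);
    if (d) return d;
  }
  return undefined;
}

function installTitleRateLimit(doc, { maxPerSecond = 20, now = () => Date.now() } = {}) {
  const original = findAccessor(doc, 'title');
  if (!original || typeof original.set !== 'function') {
    throw new TypeError('target has no settable title accessor');
  }
  const stats = { applied: 0, dropped: 0 };
  let windowStart = now();
  let inWindow = 0;      // assignments let through in the current window
  let pending = null;    // most recent value that was dropped, if any

  const apply = (value) => { original.set.call(doc, value); stats.applied++; };

  // Shadow the prototype accessor with an own property on the instance.
  Object.defineProperty(doc, 'title', {
    configurable: true,
    enumerable: original.enumerable,
    get() { return original.get.call(doc); },
    set(value) {
      const t = now();
      if (t - windowStart >= 1000) { windowStart = t; inWindow = 0; }  // new window
      if (inWindow < maxPerSecond) {
        inWindow++;
        pending = null;           // this newer value supersedes any dropped one
        apply(String(value));
      } else {
        stats.dropped++;
        pending = String(value);  // remember only the latest, not the flood
      }
    },
  });

  return {
    stats,
    // Apply the last dropped value, if any; returns whether anything was applied.
    flush() { if (pending !== null) { apply(pending); pending = null; return true; } return false; },
    // Remove the shim so the prototype accessor takes over again.
    restore() { delete doc.title; },
  };
}

// Constructed stand-in for the browser's Document (assumption for offline use):
// a `title` accessor on the prototype, and a counter of how many times the
// underlying setter ran, i.e. how many DOM mutations the engine would see.
class FakeDocument {
  constructor() { this._title = ''; this.mutations = 0; }
  get title() { return this._title; }
  set title(v) { this._title = v; this.mutations++; }
}

// The "burst" phase from the summary: `count` assignments drawn from 100
// preloaded distinct strings, with no time passing between writes.
function simulateBurst(count, maxPerSecond) {
  let clock = 0;
  const doc = new FakeDocument();
  const limiter = installTitleRateLimit(doc, { maxPerSecond, now: () => clock });
  const strings = Array.from({ length: 100 }, (_, i) => `T${i}`);
  for (let i = 0; i < count; i++) doc.title = strings[i % strings.length];
  limiter.flush();  // the last intended title is applied once the flood stops
  return { mutations: doc.mutations, title: doc.title, ...limiter.stats };
}

// A legitimate page updating its title every `intervalMs`: nothing is dropped
// as long as it stays under the limit.
function simulatePaced(count, intervalMs, maxPerSecond) {
  let clock = 0;
  const doc = new FakeDocument();
  const limiter = installTitleRateLimit(doc, { maxPerSecond, now: () => clock });
  for (let i = 0; i < count; i++) { doc.title = `Tick ${i}`; clock += intervalMs; }
  return { mutations: doc.mutations, ...limiter.stats };
}

console.log('burst:', simulateBurst(100000, 20));
console.log('paced:', simulatePaced(50, 100, 20));
```

With a 100,000-write burst and a limit of 20 per second, the underlying setter runs 21 times (20 in the window plus the flush of the final value `T99`) and 99,980 writes never reach the DOM; a page that updates its title ten times a second loses nothing. In a browser the same `installTitleRateLimit(document)` call shadows `Document.prototype.title` for that page only; it is a page-level mitigation for illustration, since the fix the summary implies belongs in the engine, where the setter is processed.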