
CVE-2025-6554 PoC — Google Chrome Security Vulnerability

Source
Associated Vulnerability
Title: Google Chrome Security Vulnerability (CVE-2025-6554)
Description: Google Chrome is a web browser developed by Google (USA). Versions of Google Chrome earlier than 138.0.7204.96 contain a security vulnerability caused by a type confusion in V8; it can lead to arbitrary read/write through a crafted HTML page.
Readme
# CVE-2025-6554

## Reproducing the Vulnerability
```sh
# --- macOS (Apple Silicon, ASAN build) ---
brew install ninja

git clone https://chromium.googlesource.com/chromium/tools/depot_tools.git
export PATH=/path/to/depot_tools:$PATH

fetch v8
cd v8
git checkout 13.8.500258
gclient sync -D
sh v8asan.sh                      # writes the ASAN args.gn for out/arm64.asan (script shipped with the PoC)
autoninja -C out/arm64.asan d8
# d8 is produced inside the build directory, so run it from there:
ASAN_OPTIONS=detect_leaks=1:halt_on_error=0 ./out/arm64.asan/d8 --allow-natives-syntax --trace-opt --trace-deopt poc-CVE-2025-6554.js

# --- Linux (x64 debug ASAN build) ---
apt-get update && apt-get install -y git python3 g++ make gdb wget curl

cd /root                          # PATH below expects depot_tools under /root
git clone https://chromium.googlesource.com/chromium/tools/depot_tools.git
export PATH="/root/depot_tools:${PATH}"

mkdir -p /root/v8_build_sandbox
cd /root/v8_build_sandbox
fetch v8
cd v8
git checkout 13.8.500258
gclient sync -D
tools/dev/v8gen.py x64.debug.asan
ninja -C out.gn/x64.debug.asan d8
mkdir -p /root/v8_tests            # copy poc-CVE-2025-6554.js into this directory before running
ASAN_OPTIONS=detect_leaks=1:halt_on_error=0 /root/v8_build_sandbox/v8/out.gn/x64.debug.asan/d8 --allow-natives-syntax --trace-opt --trace-deopt /root/v8_tests/poc-CVE-2025-6554.js
```
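On the defensive side, the useful check is whether a fleet is still running a build older than the fixed release named in the advisory text (138.0.7204.96). The following is an added example, not code from the PoC repository; it parses `google-chrome --version` style strings and flags affected hosts. The hostnames and version strings in `SAMPLE_INVENTORY` are constructed.

```python
import re
from typing import Iterable

# Fixed build stated in the advisory text: anything strictly older is affected.
FIXED_VERSION = "138.0.7204.96"


def parse_version(text: str) -> tuple:
    """Extract a dotted Chrome version from text such as
    'Google Chrome 137.0.7151.119' and return it as a 4-tuple of ints."""
    m = re.search(r"(\d+(?:\.\d+){1,3})", text)
    if not m:
        raise ValueError(f"no version found in {text!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    # Pad short strings (e.g. '138.0') so comparison is component-wise over four fields;
    # a truncated version therefore compares as the oldest build of that branch.
    return parts + (0,) * (4 - len(parts))


def is_vulnerable(version_text: str, fixed: str = FIXED_VERSION) -> bool:
    """True if the reported version is strictly older than the fixed build."""
    return parse_version(version_text) < parse_version(fixed)


def find_vulnerable_hosts(inventory: Iterable) -> list:
    """Given (hostname, version-string) pairs, return hosts on an affected build."""
    return [host for host, ver in inventory if is_vulnerable(ver)]


# Constructed sample inventory (hypothetical hosts), not real data.
SAMPLE_INVENTORY = [
    ("ws-01", "Google Chrome 137.0.7151.119"),
    ("ws-02", "Google Chrome 138.0.7204.96"),
    ("ws-03", "Google Chrome 138.0.7204.49"),
    ("ws-04", "Google Chrome 139.0.7258.5"),
]

if __name__ == "__main__":
    for host in find_vulnerable_hosts(SAMPLE_INVENTORY):
        print(f"{host}: affected by CVE-2025-6554, update required")
```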
File Snapshot

[4.0K] /data/pocs/243bcf229424f32093f809fb0072f431f2aa607d
├── [3.4K] poc-CVE-2025-6554.js
├── [1015] README.md
└── [ 348] v8asan.sh

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.