Tested on three Android devices (version 9, 13, 16) with different Firefox versions under 150 (had to modify for older).
Two boot looped, I had to enter recovery and the other just powered off [0].
This is a big one, considering the fact that kernel updates are very rare on Android phones. Hopefully backporting is done.
Maybe browsers should employ a "New tab without JavaScript" as an option when browsing random sites/blogs, with reader mode forced for fixing JS dependent layouts.
I've seen few hardware video decoder exploits via browser as well but software decoding is an option. (browser flags)
Updating browsers and trusting/verifying apps is the usual way to mitigate but it doesn't seem to be enough.
I'll probably dedicate a tablet for browsing websites/HN from now on instead of using my personal smartphone/PC ...
Tested on three Android devices (version 9, 13, 16) with different Firefox versions under 150 (had to modify for older).
Two boot looped, I had to enter recovery and the other just powered off [0].
This is a big one, considering the fact that kernel updates are very rare on Android phones. Hopefully backporting is done.
Maybe browsers should employ a "New tab without JavaScript" as an option when browsing random sites/blogs, with reader mode forced for fixing JS dependent layouts.
I've seen few hardware video decoder exploits via browser as well but software decoding is an option. (browser flags)
Updating browsers and trusting/verifying apps is the usual way to mitigate but it doesn't seem to be enough. I'll probably dedicate a tablet for browsing websites/HN from now on instead of using my personal smartphone/PC ...
[0] IonStack https://rootme.nebusec.ai
fwiw, the firefox vulnerability seems to be CVE-2026-10702 (type confusion in the ionmonkey jit compiler): https://www.sentinelone.com/vulnerability-database/cve-2026-...
Forgot to include "LPE" (local...) in the title so most of us can get back to weekending.
they also found a type confusion in firefox/ionmonkey, so you can go from random website to pwned very quickly.
Since this enables container escape, sounds like this might still impact quite a lot of us?
>Google has rewarded us $92,337 in kernelCTF
I'm all ears now
Seems low considering the wide impact, but maybe the only thing corporations throw big money at is remote exploits?
That's a huge amount of money for a vulnerability.
Daaaaamn: "GhostLock was introduced in Linux 2.6.39 and fixed in Linux 7.1."
dupe of https://news.ycombinator.com/item?id=48834309
upvoted your submission!
isn't that the worst, when you post a breaking story first and someone else's dupe hits front page? upvoted your original :)
Also https://news.ycombinator.com/item?id=48826404
A what?
Use after free?