Recent Webkit vulnerability hits PS4 6.02

  • Hello Guest! Welcome to ConsoleCrunch, to help support our site check out the premium upgrades HERE! to get exclusive access to our hidden content.
  • Unable to load portions of the website...
    If you use an ad blocker addon, you should disable it because it interferes with several elements of the site and blocks more than just adverts.
  • Read Rules Before Posting Post Virus Scans with every program.

Douglas Oliveira

Public Legend
Retired Staff
Local Legend
Local Hero
Local Celebrity
Community Elite
Community Veteran
Determined Poster
Active Member
Console ID Poster
Jun 5, 2015
3,915
7,498
1,268
Brasil
Hacker Vultra has shared a proof of concept of a semi-recent webkit vulnerability, which seems to impact the latest PS4 firmware 6.02.

More precisely, the bug impacts recent versions of the Webkit engine on PS4 6.00 and above, up to the 6.10 Beta. Firmwares 5.xx and below are apparently not vulnerable, possibly because their version of Webkit doesn’t have the vulnerable function.

The vulnerability itself (a bug in JSC::arrayProtoPrivateFuncConcatMemcpy) was first detailed on externalist’s github about 4 months ago. It is assigned CVE Number CVE-2018-4538, and another detailed writeup (from September) on the vulnerability and how it is exploitable in Safari can be found here.

The vulnerability has been fixed in Webkit several months ago, but it seems the patch might not have made it to the PS4 yet.

There is no doubt that Sony will ultimately bring the fix to their Webkit implementation. Additionally, user exploits such as webkit exploits are historically not useful “as is” on modern consoles*, where they are typically just used as entry points for privilege escalation (kernel exploits or Jailbreaks). Therefore, the chances of this becoming more than a proof of concept are very slim.

With that being said, if you are running on PS4 6.00 or above, you can give a try to the proof of concept by pointing your PS4 browser to https://c0rpvultra.github.io/PS4_jsc_ConcatMemcpy_POC/.?
 

QM|T_JinX

Public Hero
Retired Staff
Local Hero
Local Celebrity
Community Elite
Community Veteran
Determined Poster
Active Member
Console ID Poster
Oct 10, 2016
2,546
4,511
818
good post bro
 
General chit-chat
Help Users
    Chat Bot: gutdiet is our newest member. Welcome!