Browser Reaper: exploit causes Firefox to crash
A security researcher has developed an attack that exploits a Firefox bug, making it possible to crash the web browser.
Sabri Haddouche used his Browser Reaper website to share a live test version of the exploit -- the site is also home to exploits for Chrome and Safari. The Firefox attack uses JavaScript to crash or freeze the browser, with the effect of the exploit depending on whether the browser is running on Linux, Windows or macOS.
See also:
- Users balk as Chrome 69 forcibly signs them into the browser
- Chrome OS 69 rolls out with Linux app support and new Material Theme
- How get rid of Chrome's stupid new rounded look
By simply visiting a specially-crafted website, it is possible to kill Firefox, and the problems affects all versions of the web browser including Beta and Nightly builds. In some circumstances, in addition to taking down the browser, the attack can cause the host operating system to crash as well.
In addition to sharing the exploit on Browser Reaper, Haddouche went public with his findings on Twitter:
(and yes, it includes a crash / freeze for Firefox and its source code as promised) pic.twitter.com/Q6UlBWIXe6
— Sabri (@pwnsdx) September 23, 2018
Speaking to BleepingComputer, Haddouche explained:
What happens is that we generate a file (a blob) that contains an extremely long filename and prompt the user to download it every 1ms, therefore it flood the IPC channel between the child and main process, making the browser at the very least freeze.
The source code for the exploit can be found on GitHub. The problem has been reported to Mozilla, but no patch has yet been created. It is possible to avoid the problem by disabling JavaScript, or using a tool such as NoScript.