We'll use this as a discussion (non-news) thread for now on the CVE-2017-2491 / CVE-2017-2536 Spread Overflow Exploit WebKit bugs by Phoenhex.
While the earlier PS4 4.70 WebKit Exploit GIT by LordYusei doesn't appear complete, and so can't be tested and verified, @GritNGrind let us know in the Shoutbox that he tested the Phoenhex GIT on his PS4 4.50 and 4.55 consoles and says he can get them to hang the browser without a crash.
Some other feedback / thoughts from him on it:
- once you leave the browser using the PS button you can't come back in; as a matter of fact, you can't do anything but shut down the PS4
- you can keep hitting the PS button and see the menus, but can't click on them, then had to pull the plug on the PS4
- someone crafty could use this for sure
- tested on 3.55 with no luck, my guess is it's on an older WebKit and not compatible with this newer code
- change array at x8
- and yes, even though the system is in a frozen state, it's not completely frozen, which leaves it vulnerable