As testing the previous Use-After-Free vulnerability (CVE-2021-1879) didn't favor the PlayStation 4 Scene, developer @Al Azif on Twitter retweeted another Use-After-Free vulnerability (CVE-2021-30858) by Anonymous via maddiestone that @Nazky on Twitter added to Github to try with PS4 WebKit revisions up to the most recent PS4 Firmware 9.00 in hopes of another userland entry point for Future PS4 Jailbreaking or improving the current PS4JB2 jailbreak exploit's stability.
Proof-of-Concept code of CVE-2021-30858 via maddiestone (Google Security Researcher):
Cheers to FxckThePolice for the heads-up on this earlier, below are some Tweet highlights and a screenshot thanks to M4rra_ on Twitter with many test results on various firmware versions added to the spoiler... however, @CTurt's $10K PlayStation Bug Bounty on HackerOne.com this past August remains a mystery as CTurtE has yet to elaborate and as usual it's not advisable to update your PS4 console:
Spoiler
Code:
THIS SITE IS A TEST FOR THE WEBKIT VULNERABILITY FOR THE PS4
CLICK OK
IF YOU DON'T SEE ANY 'API PATCHED' ERROR OR 'MEMORY ERROR'
ALERT OR ANY ERROR ALERT THAT'S MEAN IT'S NOT PATCH
Code:
var fontFace1 = new FontFace("font1", "", {});
var fontFaceSet = new FontFaceSet([fontFace1]);
fontFace1.family = "font2";
Cheers to FxckThePolice for the heads-up on this earlier, below are some Tweet highlights and a screenshot thanks to M4rra_ on Twitter with many test results on various firmware versions added to the spoiler... however, @CTurt's $10K PlayStation Bug Bounty on HackerOne.com this past August remains a mystery as CTurtE has yet to elaborate and as usual it's not advisable to update your PS4 console:
Spoiler