Google has updated its Chrome browser to support the V8 Sandbox aimed at curbing the spread of V8 memory corruption issues within the host process, according to The Hacker News.
The in-process sandbox is designed to isolate V8's heap memory so that memory corruption inside V8 cannot affect other parts of the process's memory; V8 reaches memory outside the sandbox only through "sandbox-compatible" alternatives to raw pointers, the Chromium team said.
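To make that design principle concrete, here is an added C illustration (not Chromium or V8 code): references inside the sandbox are offsets rather than raw pointers, and out-of-sandbox memory is reached only through a tagged external pointer table, so a corrupted offset or index cannot produce an arbitrary host pointer. The region size, table capacity and tag values are assumptions for the demo.

```c
#include <stdint.h>
#include <stddef.h>

/* Constructed illustration of the V8 Sandbox design idea: heap objects live
 * inside one reserved region and refer to memory outside it only through
 * indices into a tagged table, never through raw pointers. Sizes and tags
 * are assumptions for this demo, not V8's actual constants. */

#define SANDBOX_SIZE (1u << 16)          /* assumption: 64 KiB region */
static uint8_t sandbox_region[SANDBOX_SIZE];

/* In-sandbox references are offsets, not pointers: whatever value ends up
 * in the offset field, masking keeps the dereference inside the region. */
uint8_t *sandbox_deref(uint32_t offset) {
    return sandbox_region + (offset & (SANDBOX_SIZE - 1));
}

int sandbox_contains(const void *p) {
    const uint8_t *b = (const uint8_t *)p;
    return b >= sandbox_region && b < sandbox_region + SANDBOX_SIZE;
}

/* External pointer table: the only path from sandbox memory to host memory.
 * Each entry carries a type tag so an index for a "file" entry cannot be
 * reused to reach a "socket" entry. */
#define EPT_CAPACITY 16
#define TAG_FILE   0x1001u
#define TAG_SOCKET 0x2002u

struct ept_entry { void *ptr; uint32_t tag; };
static struct ept_entry ept[EPT_CAPACITY];
static uint32_t ept_used;
static int host_file_descriptor = 3;  /* constructed host-side object outside the sandbox */

/* Returns the index to store inside the sandbox, or UINT32_MAX if full. */
uint32_t ept_register(void *host_ptr, uint32_t tag) {
    if (ept_used >= EPT_CAPACITY) return UINT32_MAX;
    ept[ept_used].ptr = host_ptr;
    ept[ept_used].tag = tag;
    return ept_used++;
}

/* The bounds check and tag check are the sandbox boundary: a corrupted index
 * or mismatched tag yields NULL instead of an arbitrary host pointer. */
void *ept_lookup(uint32_t index, uint32_t expected_tag) {
    if (index >= ept_used) return NULL;
    if (ept[index].tag != expected_tag) return NULL;
    return ept[index].ptr;
}
```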
"The sandbox is motivated by the fact that current memory safety technologies are largely inapplicable to optimizing JavaScript engines. While these technologies fail to prevent memory corruption in V8 itself, they can in fact protect the V8 Sandbox attack surface. The sandbox is therefore a necessary step towards memory safety," noted V8 Security Technical Lead Samuel Groß.
The development follows Google's recent emphasis on using the Kernel Address Sanitizer to bolster memory vulnerability detection in Android and to improve firmware security.