CVE-2025-43529

Root Cause Analysis for CVE-2025-43529, a use-after-free (UAF) vulnerability in JavaScriptCore caused by incorrect store barrier placement in the DFG JIT's StoreBarrierInsertionPhase.

This repository contains a carefully structured set of root cause analysis slides for this vulnerability, intentionally organized as a tiered explanation that guides the reader step by step from the observable behavior to the precise semantic root cause.

The focus is on clarity, correctness, and semantic reasoning rather than on exploitation techniques.

I hope you find it useful and enjoyable. 😊

Analysis: CVE-2025-43529.pdf

Acknowledgement

  • Shoutout to Google Threat Analysis Group for finding the bug.
  • Shoutout to @jir4vv1t for providing a detailed analysis and a wonderfully crafted exploit for me to reproduce.

References

  1. https://github.com/jir4vv1t/CVE-2025-43529

Disclaimer

This repository is intended solely for educational purposes and must not be used for any malicious activities.
