The doesGC function simply takes a node, and tells if it might cause a garbage collection. This function is used to determine whether to insert write barriers. But it is missing some cases such as StringCharAt, StringCharCodeAt and GetByVal that might cause a garbage collection via rope strings. As a result, it can lead to a use-after-free condition.
bc8f411013dffe95aeaebd8e26ff3d39ee578b4902d99f8e61e2efdb6d784584
WebKitGTK+ and WPE WebKit suffer from multiple memory corruption vulnerabilities that can lead to code execution.
a7ec001ae70f4424c933c3e526ad4f1f1edfb80ffe8e45ec92f1ffebddd58f71
Apple Security Advisory 2018-12-06-1 - watchOS 5.1.2 is now available and addresses code execution and denial of service vulnerabilities.
b31b5d84275ab86d5de6eb64f823d4d4f2c737351a2aae11e07b65eb769ee838
Apple Security Advisory 2018-12-05-5 - iTunes 12.9.2 for Windows is now available and addresses code execution vulnerabilities.
3ba98a99d8d04867b300da079e642f9cdfd9b59bb2e2e1e102ed0bfd34135365
Apple Security Advisory 2018-12-05-6 - iCloud for Windows 7.9 is now available and addresses code execution vulnerabilities.
1a9de6df9a70730a6786bc8162f88331c49c15daf62697bd42ee70d1dab3de34
Apple Security Advisory 2018-12-05-3 - tvOS 12.1.1 is now available and addresses code execution and denial of service vulnerabilities.
45e73879cdd1bb835550af6cce9e70ca59503dec4504a0f894ab04914428e2d5
Apple Security Advisory 2018-12-05-4 - Safari 12.0.2 is now available and addresses code execution vulnerabilities.
73adbacb12e3fb236b787068a1140087bda47a5661923774a09868feda45903b
Apple Security Advisory 2018-12-05-1 - iOS 12.1.1 is now available and addresses code execution and denial of service vulnerabilities.
df25f738299308219d60f05a90535c1efff6c5fb305f00166a385e4c963066d5