WebKit Weekly
Log in
← All issues

This Week in WebKit — April 18–24, 2026

491
Total commits
11
Security fixes
7 High, 4 Medium
121
Contributors
Top components WebCore · Platform · WebKit · JSC · Other

Featured

Two reads against the same TypedArray, with a Worker looping `grow()` in between — the race is winnable in a few thousand attempts.

JSC's copy-producing methods read the array's length first to size the destination, then go back later for the source data. A Worker thread calling grow() in a tight loop will eventually land a call between those two reads — destination sized for the old length, copy source pointing at the new one. The regression test demonstrates the win in a few thousand iterations on commodity hardware.

Likely the same shape lurks in any prototype method that reads length and span as separate trips — worth a grep across the array protos.
→ TypedArray TOCTOU heap overflow in toSorted/toReversed/with High JSC TypedArray prototype methods
A failed sandbox extension call returned silently. The Networking process kept reading anyway.

WebContent asks the UI process for a sandbox extension before loading a local file, then forwards the extension token to the Networking process. When extension creation fails, WebContent just continues — and the Networking process, never told the access was denied, reads the file. Any compromised WebContent could pull local files without ever holding a valid extension.

The canonical 'failed extension, silent continue' shape — useful as a pattern when auditing other IPC sandbox flows.
→ WebContent sandbox bypass for local file reads High WebKit WebProcess loader / NetworkProcess resource load parameters
An iterator over a HashMap that rehashed mid-walk. WGSL didn't see it coming.

GlobalVariableRewriter walks a HashMap to propagate length parameters into a struct definition. The walk inserts new entries into the same map, and when the map crosses its load-factor threshold it rehashes — moving the underlying storage out from under the active iterator. The rest of the walk reads memory that no longer belongs to the map. Reachable from any shader that compiles through this path.

Iterator-on-rehash UAFs in shader compilers are an underexplored class — this one reads as the model case.
→ WGSL GlobalVariableRewriter iterator-invalidation UAF Medium WebGPU WGSL compiler — GlobalVariableRewriter
Lockdown Mode's MTE depends on a sysctl. The sandbox blocks that sysctl.

MTE hardening turns on by reading a sysctl at libpas init. The CaptivePortal WebContent sandbox happens to block that sysctl — the read fails silently, libpas concludes MTE is unsupported on this CPU, and configures itself without it. The profile that's supposed to be the hardest target runs with weaker heap protections than a default WebContent.

Not a memory error — a silently-disabled hardening. Worth checking other init-time sysctl reads against the active sandbox profile.
→ libpas MTE Lockdown Mode initialization bypass Medium libpas (bmalloc) MTE configuration
BFCache used to assume a page lived in one process. Site Isolation broke that assumption.

A page can now have subframes spread across many processes, and BFCache has to coordinate suspension across all of them while a navigation is in flight. The new SuspendedPageProxy state machine tracks per-process state and reconciles it on commit. The interesting question is what happens when one of those processes crashes mid-suspend.

If you research site-isolation security boundaries, SuspendedPageProxy is now a primary surface to follow.
→ Multi-process BFCache suspension for Site Isolation feature

Security fixes

Notable development