HTTP/1.1 200 OK
Date: Mon, 05 Jan 2026 06:09:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
Vary: accept-encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=7OQse3O57muHnWUmxsbusbaZx2cEsrblcOgeZeJNIh52Tl87BEyqurt7vRecGjDHrjG66%2BXFj44xGpeJewTZ4O6WGITd2XMB11E2MVt3UJ8LoDL%2FGg%3D%3D"}]}
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Server: cloudflare
cf-cache-status: DYNAMIC
CF-RAY: 9b90ce590be6002f-LHR
alt-svc: h3=":8443"; ma=86400

Page title: 

  Home – Anvbis



<!DOCTYPE html>
<html lang="en">

    <head>
	<meta name="generator" content="Hugo 0.92.2" /><title>

  Home &ndash; Anvbis

</title>
<meta name="description" content="">

<meta name="viewport" content="width=device-width, initial-scale=1">
<meta charset="UTF-8"/>



<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css" integrity="sha512-1sCRPdkRXhBV2PBLUdRb4tMg1w2YPf37qatUFeS7zlBy7jJI8Lf4VHwWfZZfpXtYSLy85pkm9GaYVYMfw5BC1A==" crossorigin="anonymous" />


<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/academicons/1.9.1/css/academicons.min.css" integrity="sha512-b1ASx0WHgVFL5ZQhTgiPWX+68KjS38Jk87jg7pe+qC7q9YkEtFq0z7xCglv7qGIs/68d3mAp+StfC8WKC5SSAg==" crossorigin="anonymous" />


<link rel="stylesheet" href="https://anvbis.au/css/palettes/horizon-dark.css">
<link rel="stylesheet" href="https://anvbis.au/css/risotto.css">
<link rel="stylesheet" href="https://anvbis.au/css/custom.css">
<link rel="stylesheet" href="https://anvbis.au/css/syntax/theme.css">


</head>

    <body>
        <div class="page">

            <header class="page__header"><h1 class="page__logo"><a href="https://anvbis.au/" class="page__logo-inner">anvbis@anvbis</a></h1>
<nav class="page__nav main-nav">
    <ul>
    
    
    <li class="main-nav__item"><a class="nav-main-item" href="https://anvbis.au/about" title="">About</a></li>
    
    </ul>
</nav>
<ul class="aside__social-links">
    
    <li>
        <a href="https://github.com/anvbis" rel="me" aria-label="GitHub" title="GitHub"><i class="fa-brands fa-github" aria-hidden="true"></i></a>&nbsp;
    </li>
    
    <li>
        <a href="/cdn-cgi/l/email-protection#71121e1f0510120531101f071318025f1004" rel="me" aria-label="Email" title="Email"><i class="fa fa-envelope" aria-hidden="true"></i></a>&nbsp;
    </li>
    
</ul>
</header>

            

            <section class="page__body">
    <h1 id="anvbis">Posts</h1>

    

    <ul>
    
        
            <li>
  <a href="https://anvbis.au/posts/exploring-historical-v8-heap-sandbox-escapes-i/">Exploring Historical V8 Heap Sandbox Escapes I</a>
  <p style="margin-bottom: 5px; color: var(--muted);">
    
      #browser
    
      #v8
    
      #chromium
    
    <span style="color: var(--muted); float: right; margin-right: 30px">
      2023-23-02
    </span>
  </p>
  
    <p>
      In anticipation of the future implementation of CFI on `code_entry_point` fields within function objects, I wanted to explore some patched sandbox escapes that have been found in the past.
      <br />
      <span>
        <a style="float: right; margin-right: 30px;" href="https://anvbis.au/posts/exploring-historical-v8-heap-sandbox-escapes-i/">
          Read more &#8594;
        </a>
      </span>
      <br />
    </p>
  
</li>

        
            <li>
  <a href="https://anvbis.au/posts/root-cause-analysis-of-cve-2021-21224/">Root Cause Analysis of CVE-2021-21224</a>
  <p style="margin-bottom: 5px; color: var(--muted);">
    
      #browser
    
      #v8
    
      #chromium
    
    <span style="color: var(--muted); float: right; margin-right: 30px">
      2022-06-12
    </span>
  </p>
  
    <p>
      An incorrect optimization in TurboFan&#39;s representation changer results in Int64 values being erroneously truncated to Int32 values.
      <br />
      <span>
        <a style="float: right; margin-right: 30px;" href="https://anvbis.au/posts/root-cause-analysis-of-cve-2021-21224/">
          Read more &#8594;
        </a>
      </span>
      <br />
    </p>
  
</li>

        
            <li>
  <a href="https://anvbis.au/posts/code-execution-in-chromiums-v8-heap-sandbox/">Code Execution in Chromium&rsquo;s V8 Heap Sandbox</a>
  <p style="margin-bottom: 5px; color: var(--muted);">
    
      #browser
    
      #v8
    
      #chromium
    
    <span style="color: var(--muted); float: right; margin-right: 30px">
      2022-27-11
    </span>
  </p>
  
    <p>
      The V8 heap sandbox has been around for quite some time now, and while it initially broke several methods used to gain code execution, ne

HTTP/1.1 200 OK
Date: Mon, 05 Jan 2026 06:09:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
Vary: accept-encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=qhgSB9igk5OTmzIVxiwuT%2FL%2FFsXvHIyWE%2FKP3qcd0D0dvbCy7qh4iRf9%2FfcUwspmKL63QwB1iYViGThJzdUXmOFHmq5l2DBi8Kn4F69X8y0TFDpkHQ%3D%3D"}]}
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Server: cloudflare
cf-cache-status: DYNAMIC
CF-RAY: 9b90ce586d0244aa-AMS
alt-svc: h3=":8443"; ma=86400

Page title: 

  Home – Anvbis



<!DOCTYPE html>
<html lang="en">

    <head>
	<meta name="generator" content="Hugo 0.92.2" /><title>

  Home &ndash; Anvbis

</title>
<meta name="description" content="">

<meta name="viewport" content="width=device-width, initial-scale=1">
<meta charset="UTF-8"/>



<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css" integrity="sha512-1sCRPdkRXhBV2PBLUdRb4tMg1w2YPf37qatUFeS7zlBy7jJI8Lf4VHwWfZZfpXtYSLy85pkm9GaYVYMfw5BC1A==" crossorigin="anonymous" />


<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/academicons/1.9.1/css/academicons.min.css" integrity="sha512-b1ASx0WHgVFL5ZQhTgiPWX+68KjS38Jk87jg7pe+qC7q9YkEtFq0z7xCglv7qGIs/68d3mAp+StfC8WKC5SSAg==" crossorigin="anonymous" />


<link rel="stylesheet" href="https://anvbis.au/css/palettes/horizon-dark.css">
<link rel="stylesheet" href="https://anvbis.au/css/risotto.css">
<link rel="stylesheet" href="https://anvbis.au/css/custom.css">
<link rel="stylesheet" href="https://anvbis.au/css/syntax/theme.css">


</head>

    <body>
        <div class="page">

            <header class="page__header"><h1 class="page__logo"><a href="https://anvbis.au/" class="page__logo-inner">anvbis@anvbis</a></h1>
<nav class="page__nav main-nav">
    <ul>
    
    
    <li class="main-nav__item"><a class="nav-main-item" href="https://anvbis.au/about" title="">About</a></li>
    
    </ul>
</nav>
<ul class="aside__social-links">
    
    <li>
        <a href="https://github.com/anvbis" rel="me" aria-label="GitHub" title="GitHub"><i class="fa-brands fa-github" aria-hidden="true"></i></a>&nbsp;
    </li>
    
    <li>
        <a href="/cdn-cgi/l/email-protection#8be8e4e5ffeae8ffcbeae5fde9e2f8a5eafe" rel="me" aria-label="Email" title="Email"><i class="fa fa-envelope" aria-hidden="true"></i></a>&nbsp;
    </li>
    
</ul>
</header>

            

            <section class="page__body">
    <h1 id="anvbis">Posts</h1>

    

    <ul>
    
        
            <li>
  <a href="https://anvbis.au/posts/exploring-historical-v8-heap-sandbox-escapes-i/">Exploring Historical V8 Heap Sandbox Escapes I</a>
  <p style="margin-bottom: 5px; color: var(--muted);">
    
      #browser
    
      #v8
    
      #chromium
    
    <span style="color: var(--muted); float: right; margin-right: 30px">
      2023-23-02
    </span>
  </p>
  
    <p>
      In anticipation of the future implementation of CFI on `code_entry_point` fields within function objects, I wanted to explore some patched sandbox escapes that have been found in the past.
      <br />
      <span>
        <a style="float: right; margin-right: 30px;" href="https://anvbis.au/posts/exploring-historical-v8-heap-sandbox-escapes-i/">
          Read more &#8594;
        </a>
      </span>
      <br />
    </p>
  
</li>

        
            <li>
  <a href="https://anvbis.au/posts/root-cause-analysis-of-cve-2021-21224/">Root Cause Analysis of CVE-2021-21224</a>
  <p style="margin-bottom: 5px; color: var(--muted);">
    
      #browser
    
      #v8
    
      #chromium
    
    <span style="color: var(--muted); float: right; margin-right: 30px">
      2022-06-12
    </span>
  </p>
  
    <p>
      An incorrect optimization in TurboFan&#39;s representation changer results in Int64 values being erroneously truncated to Int32 values.
      <br />
      <span>
        <a style="float: right; margin-right: 30px;" href="https://anvbis.au/posts/root-cause-analysis-of-cve-2021-21224/">
          Read more &#8594;
        </a>
      </span>
      <br />
    </p>
  
</li>

        
            <li>
  <a href="https://anvbis.au/posts/code-execution-in-chromiums-v8-heap-sandbox/">Code Execution in Chromium&rsquo;s V8 Heap Sandbox</a>
  <p style="margin-bottom: 5px; color: var(--muted);">
    
      #browser
    
      #v8
    
      #chromium
    
    <span style="color: var(--muted); float: right; margin-right: 30px">
      2022-27-11
    </span>
  </p>
  
    <p>
      The V8 heap sandbox has been around for quite some time now, and while it initially broke several methods used to gain code execution, ne

HTTP/1.1 200 OK
Date: Mon, 05 Jan 2026 06:09:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
Vary: accept-encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=unYrBOnSeR%2FiGrX%2BPAYZ1qK9oIr%2F%2FVJK0ygn4phhh%2BT%2FvLcdVVaOlkxYlXydnb%2BeUJANW%2B7LSOfGtfiajFbp7fcgmT4glr9Rlg%3D%3D"}]}
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Server: cloudflare
cf-cache-status: DYNAMIC
CF-RAY: 9b90ce587c3eb6a8-AMS
alt-svc: h3=":8443"; ma=86400

Page title: 

  Home – Anvbis



<!DOCTYPE html>
<html lang="en">

    <head>
	<meta name="generator" content="Hugo 0.92.2" /><title>

  Home &ndash; Anvbis

</title>
<meta name="description" content="">

<meta name="viewport" content="width=device-width, initial-scale=1">
<meta charset="UTF-8"/>



<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css" integrity="sha512-1sCRPdkRXhBV2PBLUdRb4tMg1w2YPf37qatUFeS7zlBy7jJI8Lf4VHwWfZZfpXtYSLy85pkm9GaYVYMfw5BC1A==" crossorigin="anonymous" />


<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/academicons/1.9.1/css/academicons.min.css" integrity="sha512-b1ASx0WHgVFL5ZQhTgiPWX+68KjS38Jk87jg7pe+qC7q9YkEtFq0z7xCglv7qGIs/68d3mAp+StfC8WKC5SSAg==" crossorigin="anonymous" />


<link rel="stylesheet" href="https://anvbis.au/css/palettes/horizon-dark.css">
<link rel="stylesheet" href="https://anvbis.au/css/risotto.css">
<link rel="stylesheet" href="https://anvbis.au/css/custom.css">
<link rel="stylesheet" href="https://anvbis.au/css/syntax/theme.css">


</head>

    <body>
        <div class="page">

            <header class="page__header"><h1 class="page__logo"><a href="https://anvbis.au/" class="page__logo-inner">anvbis@anvbis</a></h1>
<nav class="page__nav main-nav">
    <ul>
    
    
    <li class="main-nav__item"><a class="nav-main-item" href="https://anvbis.au/about" title="">About</a></li>
    
    </ul>
</nav>
<ul class="aside__social-links">
    
    <li>
        <a href="https://github.com/anvbis" rel="me" aria-label="GitHub" title="GitHub"><i class="fa-brands fa-github" aria-hidden="true"></i></a>&nbsp;
    </li>
    
    <li>
        <a href="/cdn-cgi/l/email-protection#096a66677d686a7d4968677f6b607a27687c" rel="me" aria-label="Email" title="Email"><i class="fa fa-envelope" aria-hidden="true"></i></a>&nbsp;
    </li>
    
</ul>
</header>

            

            <section class="page__body">
    <h1 id="anvbis">Posts</h1>

    

    <ul>
    
        
            <li>
  <a href="https://anvbis.au/posts/exploring-historical-v8-heap-sandbox-escapes-i/">Exploring Historical V8 Heap Sandbox Escapes I</a>
  <p style="margin-bottom: 5px; color: var(--muted);">
    
      #browser
    
      #v8
    
      #chromium
    
    <span style="color: var(--muted); float: right; margin-right: 30px">
      2023-23-02
    </span>
  </p>
  
    <p>
      In anticipation of the future implementation of CFI on `code_entry_point` fields within function objects, I wanted to explore some patched sandbox escapes that have been found in the past.
      <br />
      <span>
        <a style="float: right; margin-right: 30px;" href="https://anvbis.au/posts/exploring-historical-v8-heap-sandbox-escapes-i/">
          Read more &#8594;
        </a>
      </span>
      <br />
    </p>
  
</li>

        
            <li>
  <a href="https://anvbis.au/posts/root-cause-analysis-of-cve-2021-21224/">Root Cause Analysis of CVE-2021-21224</a>
  <p style="margin-bottom: 5px; color: var(--muted);">
    
      #browser
    
      #v8
    
      #chromium
    
    <span style="color: var(--muted); float: right; margin-right: 30px">
      2022-06-12
    </span>
  </p>
  
    <p>
      An incorrect optimization in TurboFan&#39;s representation changer results in Int64 values being erroneously truncated to Int32 values.
      <br />
      <span>
        <a style="float: right; margin-right: 30px;" href="https://anvbis.au/posts/root-cause-analysis-of-cve-2021-21224/">
          Read more &#8594;
        </a>
      </span>
      <br />
    </p>
  
</li>

        
            <li>
  <a href="https://anvbis.au/posts/code-execution-in-chromiums-v8-heap-sandbox/">Code Execution in Chromium&rsquo;s V8 Heap Sandbox</a>
  <p style="margin-bottom: 5px; color: var(--muted);">
    
      #browser
    
      #v8
    
      #chromium
    
    <span style="color: var(--muted); float: right; margin-right: 30px">
      2022-27-11
    </span>
  </p>
  
    <p>
      The V8 heap sandbox has been around for quite some time now, and while it initially broke several methods used to gain code execution, ne

HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Jan 2026 06:09:18 GMT
Content-Length: 0
Connection: close
Location: https://anvbis.au/
Vary: accept-encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=i73i9cNPPye8LUd%2Fc4TPAY7chYlWQ06nNvEXDy0ejcYZqTwjdO2wc8%2BhbaucCRbDtw12UJLBJr00nqG2mttywwnnF7aeaCG3ObyveYl8nFGZJGwOIw%3D%3D"}]}
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Server: cloudflare
cf-cache-status: DYNAMIC
CF-RAY: 9b90ce584d72b84d-LHR
alt-svc: h3=":443"; ma=86400

HTTP/1.1 200 OK
Date: Mon, 05 Jan 2026 06:09:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
Vary: accept-encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=CrndPx3HJlEmAXLvJ3eFTUIa89avVLoNK%2BkT6jabPa7x%2B8YJaQ4TzdtDUxuHjQsZZpGN2MHq9k6Kz4Q5YvNultED4csRoWqbJw%3D%3D"}]}
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Server: cloudflare
cf-cache-status: DYNAMIC
CF-RAY: 9b90ce588cab190b-FRA
alt-svc: h3=":443"; ma=86400

Page title: 

  Home – Anvbis



<!DOCTYPE html>
<html lang="en">

    <head>
	<meta name="generator" content="Hugo 0.92.2" /><title>

  Home &ndash; Anvbis

</title>
<meta name="description" content="">

<meta name="viewport" content="width=device-width, initial-scale=1">
<meta charset="UTF-8"/>



<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css" integrity="sha512-1sCRPdkRXhBV2PBLUdRb4tMg1w2YPf37qatUFeS7zlBy7jJI8Lf4VHwWfZZfpXtYSLy85pkm9GaYVYMfw5BC1A==" crossorigin="anonymous" />


<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/academicons/1.9.1/css/academicons.min.css" integrity="sha512-b1ASx0WHgVFL5ZQhTgiPWX+68KjS38Jk87jg7pe+qC7q9YkEtFq0z7xCglv7qGIs/68d3mAp+StfC8WKC5SSAg==" crossorigin="anonymous" />


<link rel="stylesheet" href="https://anvbis.au/css/palettes/horizon-dark.css">
<link rel="stylesheet" href="https://anvbis.au/css/risotto.css">
<link rel="stylesheet" href="https://anvbis.au/css/custom.css">
<link rel="stylesheet" href="https://anvbis.au/css/syntax/theme.css">


</head>

    <body>
        <div class="page">

            <header class="page__header"><h1 class="page__logo"><a href="https://anvbis.au/" class="page__logo-inner">anvbis@anvbis</a></h1>
<nav class="page__nav main-nav">
    <ul>
    
    
    <li class="main-nav__item"><a class="nav-main-item" href="https://anvbis.au/about" title="">About</a></li>
    
    </ul>
</nav>
<ul class="aside__social-links">
    
    <li>
        <a href="https://github.com/anvbis" rel="me" aria-label="GitHub" title="GitHub"><i class="fa-brands fa-github" aria-hidden="true"></i></a>&nbsp;
    </li>
    
    <li>
        <a href="/cdn-cgi/l/email-protection#34575b5a4055574074555a42565d471a5541" rel="me" aria-label="Email" title="Email"><i class="fa fa-envelope" aria-hidden="true"></i></a>&nbsp;
    </li>
    
</ul>
</header>

            

            <section class="page__body">
    <h1 id="anvbis">Posts</h1>

    

    <ul>
    
        
            <li>
  <a href="https://anvbis.au/posts/exploring-historical-v8-heap-sandbox-escapes-i/">Exploring Historical V8 Heap Sandbox Escapes I</a>
  <p style="margin-bottom: 5px; color: var(--muted);">
    
      #browser
    
      #v8
    
      #chromium
    
    <span style="color: var(--muted); float: right; margin-right: 30px">
      2023-23-02
    </span>
  </p>
  
    <p>
      In anticipation of the future implementation of CFI on `code_entry_point` fields within function objects, I wanted to explore some patched sandbox escapes that have been found in the past.
      <br />
      <span>
        <a style="float: right; margin-right: 30px;" href="https://anvbis.au/posts/exploring-historical-v8-heap-sandbox-escapes-i/">
          Read more &#8594;
        </a>
      </span>
      <br />
    </p>
  
</li>

        
            <li>
  <a href="https://anvbis.au/posts/root-cause-analysis-of-cve-2021-21224/">Root Cause Analysis of CVE-2021-21224</a>
  <p style="margin-bottom: 5px; color: var(--muted);">
    
      #browser
    
      #v8
    
      #chromium
    
    <span style="color: var(--muted); float: right; margin-right: 30px">
      2022-06-12
    </span>
  </p>
  
    <p>
      An incorrect optimization in TurboFan&#39;s representation changer results in Int64 values being erroneously truncated to Int32 values.
      <br />
      <span>
        <a style="float: right; margin-right: 30px;" href="https://anvbis.au/posts/root-cause-analysis-of-cve-2021-21224/">
          Read more &#8594;
        </a>
      </span>
      <br />
    </p>
  
</li>

        
            <li>
  <a href="https://anvbis.au/posts/code-execution-in-chromiums-v8-heap-sandbox/">Code Execution in Chromium&rsquo;s V8 Heap Sandbox</a>
  <p style="margin-bottom: 5px; color: var(--muted);">
    
      #browser
    
      #v8
    
      #chromium
    
    <span style="color: var(--muted); float: right; margin-right: 30px">
      2022-27-11
    </span>
  </p>
  
    <p>
      The V8 heap sandbox has been around for quite some time now, and while it initially broke several methods used to gain code execution, ne

HTTP/1.1 200 OK
Date: Mon, 05 Jan 2026 06:09:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
Vary: accept-encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=iUBZD0JyJNuhPkRGgbzMyxU7o5nIz5Ed7Fyly74%2FrVRZ39KsDzbhCo2F1aWn9E29n53%2BzcdgrjhMocuO8DOFAFWqYNVREx7%2BxahJe7My6sCLYwzjmA%3D%3D"}]}
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Server: cloudflare
cf-cache-status: DYNAMIC
CF-RAY: 9b90ce586a3fc0f7-AMS
alt-svc: h3=":443"; ma=86400

Page title: 

  Home – Anvbis



<!DOCTYPE html>
<html lang="en">

    <head>
	<meta name="generator" content="Hugo 0.92.2" /><title>

  Home &ndash; Anvbis

</title>
<meta name="description" content="">

<meta name="viewport" content="width=device-width, initial-scale=1">
<meta charset="UTF-8"/>



<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css" integrity="sha512-1sCRPdkRXhBV2PBLUdRb4tMg1w2YPf37qatUFeS7zlBy7jJI8Lf4VHwWfZZfpXtYSLy85pkm9GaYVYMfw5BC1A==" crossorigin="anonymous" />


<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/academicons/1.9.1/css/academicons.min.css" integrity="sha512-b1ASx0WHgVFL5ZQhTgiPWX+68KjS38Jk87jg7pe+qC7q9YkEtFq0z7xCglv7qGIs/68d3mAp+StfC8WKC5SSAg==" crossorigin="anonymous" />


<link rel="stylesheet" href="https://anvbis.au/css/palettes/horizon-dark.css">
<link rel="stylesheet" href="https://anvbis.au/css/risotto.css">
<link rel="stylesheet" href="https://anvbis.au/css/custom.css">
<link rel="stylesheet" href="https://anvbis.au/css/syntax/theme.css">


</head>

    <body>
        <div class="page">

            <header class="page__header"><h1 class="page__logo"><a href="https://anvbis.au/" class="page__logo-inner">anvbis@anvbis</a></h1>
<nav class="page__nav main-nav">
    <ul>
    
    
    <li class="main-nav__item"><a class="nav-main-item" href="https://anvbis.au/about" title="">About</a></li>
    
    </ul>
</nav>
<ul class="aside__social-links">
    
    <li>
        <a href="https://github.com/anvbis" rel="me" aria-label="GitHub" title="GitHub"><i class="fa-brands fa-github" aria-hidden="true"></i></a>&nbsp;
    </li>
    
    <li>
        <a href="/cdn-cgi/l/email-protection#e2818d8c96838196a2838c94808b91cc8397" rel="me" aria-label="Email" title="Email"><i class="fa fa-envelope" aria-hidden="true"></i></a>&nbsp;
    </li>
    
</ul>
</header>

            

            <section class="page__body">
    <h1 id="anvbis">Posts</h1>

    

    <ul>
    
        
            <li>
  <a href="https://anvbis.au/posts/exploring-historical-v8-heap-sandbox-escapes-i/">Exploring Historical V8 Heap Sandbox Escapes I</a>
  <p style="margin-bottom: 5px; color: var(--muted);">
    
      #browser
    
      #v8
    
      #chromium
    
    <span style="color: var(--muted); float: right; margin-right: 30px">
      2023-23-02
    </span>
  </p>
  
    <p>
      In anticipation of the future implementation of CFI on `code_entry_point` fields within function objects, I wanted to explore some patched sandbox escapes that have been found in the past.
      <br />
      <span>
        <a style="float: right; margin-right: 30px;" href="https://anvbis.au/posts/exploring-historical-v8-heap-sandbox-escapes-i/">
          Read more &#8594;
        </a>
      </span>
      <br />
    </p>
  
</li>

        
            <li>
  <a href="https://anvbis.au/posts/root-cause-analysis-of-cve-2021-21224/">Root Cause Analysis of CVE-2021-21224</a>
  <p style="margin-bottom: 5px; color: var(--muted);">
    
      #browser
    
      #v8
    
      #chromium
    
    <span style="color: var(--muted); float: right; margin-right: 30px">
      2022-06-12
    </span>
  </p>
  
    <p>
      An incorrect optimization in TurboFan&#39;s representation changer results in Int64 values being erroneously truncated to Int32 values.
      <br />
      <span>
        <a style="float: right; margin-right: 30px;" href="https://anvbis.au/posts/root-cause-analysis-of-cve-2021-21224/">
          Read more &#8594;
        </a>
      </span>
      <br />
    </p>
  
</li>

        
            <li>
  <a href="https://anvbis.au/posts/code-execution-in-chromiums-v8-heap-sandbox/">Code Execution in Chromium&rsquo;s V8 Heap Sandbox</a>
  <p style="margin-bottom: 5px; color: var(--muted);">
    
      #browser
    
      #v8
    
      #chromium
    
    <span style="color: var(--muted); float: right; margin-right: 30px">
      2022-27-11
    </span>
  </p>
  
    <p>
      The V8 heap sandbox has been around for quite some time now, and while it initially broke several methods used to gain code execution, ne

HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Jan 2026 06:09:18 GMT
Content-Length: 0
Connection: close
Location: https://anvbis.au/
Vary: accept-encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=pq%2FkDHL2wa94dpDNWCRcwoFs258%2BA8T5uEAEioKhasxrRAQ%2BCONVKN6eTy6d14wIxBaHhMnHSj6xzyMAGqDFwkT3xEQk1N5o3Uv%2BXifrqXvXKY4m8Q%3D%3D"}]}
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Server: cloudflare
cf-cache-status: DYNAMIC
CF-RAY: 9b90ce5838c2d593-AMS
alt-svc: h3=":443"; ma=86400

HTTP/1.1 200 OK
Date: Mon, 05 Jan 2026 06:09:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
Vary: accept-encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=U%2Far4hPoXFVTcXFyFOAAnosL7GTEmZDNGJixqtCLY4Kr%2BN7v4bUjW0QRYfj%2FFsc0Y%2FRMLzUNiaToZS3g3YWyQ09%2BAh8%2BK0Txpg%3D%3D"}]}
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Server: cloudflare
cf-cache-status: DYNAMIC
CF-RAY: 9b90ce587d9adc98-FRA
alt-svc: h3=":8443"; ma=86400

Page title: 

  Home – Anvbis



<!DOCTYPE html>
<html lang="en">

    <head>
	<meta name="generator" content="Hugo 0.92.2" /><title>

  Home &ndash; Anvbis

</title>
<meta name="description" content="">

<meta name="viewport" content="width=device-width, initial-scale=1">
<meta charset="UTF-8"/>



<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css" integrity="sha512-1sCRPdkRXhBV2PBLUdRb4tMg1w2YPf37qatUFeS7zlBy7jJI8Lf4VHwWfZZfpXtYSLy85pkm9GaYVYMfw5BC1A==" crossorigin="anonymous" />


<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/academicons/1.9.1/css/academicons.min.css" integrity="sha512-b1ASx0WHgVFL5ZQhTgiPWX+68KjS38Jk87jg7pe+qC7q9YkEtFq0z7xCglv7qGIs/68d3mAp+StfC8WKC5SSAg==" crossorigin="anonymous" />


<link rel="stylesheet" href="https://anvbis.au/css/palettes/horizon-dark.css">
<link rel="stylesheet" href="https://anvbis.au/css/risotto.css">
<link rel="stylesheet" href="https://anvbis.au/css/custom.css">
<link rel="stylesheet" href="https://anvbis.au/css/syntax/theme.css">


</head>

    <body>
        <div class="page">

            <header class="page__header"><h1 class="page__logo"><a href="https://anvbis.au/" class="page__logo-inner">anvbis@anvbis</a></h1>
<nav class="page__nav main-nav">
    <ul>
    
    
    <li class="main-nav__item"><a class="nav-main-item" href="https://anvbis.au/about" title="">About</a></li>
    
    </ul>
</nav>
<ul class="aside__social-links">
    
    <li>
        <a href="https://github.com/anvbis" rel="me" aria-label="GitHub" title="GitHub"><i class="fa-brands fa-github" aria-hidden="true"></i></a>&nbsp;
    </li>
    
    <li>
        <a href="/cdn-cgi/l/email-protection#761519180217150236171800141f05581703" rel="me" aria-label="Email" title="Email"><i class="fa fa-envelope" aria-hidden="true"></i></a>&nbsp;
    </li>
    
</ul>
</header>

            

            <section class="page__body">
    <h1 id="anvbis">Posts</h1>

    

    <ul>
    
        
            <li>
  <a href="https://anvbis.au/posts/exploring-historical-v8-heap-sandbox-escapes-i/">Exploring Historical V8 Heap Sandbox Escapes I</a>
  <p style="margin-bottom: 5px; color: var(--muted);">
    
      #browser
    
      #v8
    
      #chromium
    
    <span style="color: var(--muted); float: right; margin-right: 30px">
      2023-23-02
    </span>
  </p>
  
    <p>
      In anticipation of the future implementation of CFI on `code_entry_point` fields within function objects, I wanted to explore some patched sandbox escapes that have been found in the past.
      <br />
      <span>
        <a style="float: right; margin-right: 30px;" href="https://anvbis.au/posts/exploring-historical-v8-heap-sandbox-escapes-i/">
          Read more &#8594;
        </a>
      </span>
      <br />
    </p>
  
</li>

        
            <li>
  <a href="https://anvbis.au/posts/root-cause-analysis-of-cve-2021-21224/">Root Cause Analysis of CVE-2021-21224</a>
  <p style="margin-bottom: 5px; color: var(--muted);">
    
      #browser
    
      #v8
    
      #chromium
    
    <span style="color: var(--muted); float: right; margin-right: 30px">
      2022-06-12
    </span>
  </p>
  
    <p>
      An incorrect optimization in TurboFan&#39;s representation changer results in Int64 values being erroneously truncated to Int32 values.
      <br />
      <span>
        <a style="float: right; margin-right: 30px;" href="https://anvbis.au/posts/root-cause-analysis-of-cve-2021-21224/">
          Read more &#8594;
        </a>
      </span>
      <br />
    </p>
  
</li>

        
            <li>
  <a href="https://anvbis.au/posts/code-execution-in-chromiums-v8-heap-sandbox/">Code Execution in Chromium&rsquo;s V8 Heap Sandbox</a>
  <p style="margin-bottom: 5px; color: var(--muted);">
    
      #browser
    
      #v8
    
      #chromium
    
    <span style="color: var(--muted); float: right; margin-right: 30px">
      2022-27-11
    </span>
  </p>
  
    <p>
      The V8 heap sandbox has been around for quite some time now, and while it initially broke several methods used to gain code execution, ne