A technical writeup on a 0day vulnerability I reported inside SpiderMonkey, Firefox's JS engine. Tags: 0day, SpiderMonkey, WebAssembly

Learn how to cheese kpwn challenges running on an Ubuntu 24.04 container using an nday on QEMU.

This post is about exploiting IOPL privilege escalation using QEMU's Firmware Configuration (fw_cfg) device.

Reviving an old Linux novel technique to bypass SMAP through an unimplemented x86 feature in QEMU's TCG.

A novel technique I found in the Linux kernel, useful for exploiting restricted dirty-pagetable scenarios in a completely reliable and leakless way, through a new kind of "Oriented Programming".