Google just introduced a new feature for its Chrome browser that should eliminate or at least minimize memory corruption vulnerabilities.
It’s called V8 Sandbox and is described as a “lightweight, in-process sandbox for V8.”
For those who don’t know, V8 is a JavaScript and WebAssembly engine that Google developed for the Chrome browser. It is free and open source and part of the Chromium project. It is also used in other, non-browser related projects, such as the Node.js runtime system.
Fundamentally cheap approach
In a recently published technical article, Google states that all Chrome exploits found in the wild over the past three years (2021-2023) started with a memory corruption vulnerability in a Chrome renderer process that was exploited for remote code execution. The majority of these vulnerabilities (60%) were found in V8.
This motivated the team to look for a solution, and after almost three years of development they came up with the V8 Sandbox, a tool that is “no longer considered an experimental security feature.” The tool is already covered by Chrome’s Vulnerability Reward Program (VRP) and ships in Chrome 123 – which could be considered “a kind of ‘beta’ release for the sandbox,” they said.
The idea behind V8 Sandbox is no different from any other sandbox: all code that V8 executes is confined to a subset of the process’s virtual address space and isolated from the rest of the process.
On the V8 blog, security engineering lead Samuel Groß said the approach is “fundamentally cheap”: the overhead caused by the sandbox is about 1% or less, according to results from Speedometer and JetStream. That means V8 Sandbox can be enabled by default on compatible platforms, i.e. Android, ChromeOS, Linux, macOS and Windows.
“The V8 Sandbox requires a 64-bit system because it needs to reserve a large amount of virtual address space, currently one terabyte,” said Groß.
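To make the confinement idea above concrete, here is a simplified model written for this article (not V8’s own code): heap references inside the sandbox are stored as offsets from the base of one contiguous, power-of-two-sized reservation and are masked on every dereference, so even a corrupted pointer field resolves to an address inside the region. The masking scheme, the 1 MiB toy region standing in for V8’s 1 TiB reservation, and all names are assumptions for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Toy region size. V8 reserves 1 TiB (2^40 bytes); this model uses
 * 1 MiB so it runs anywhere. Must be a power of two for the mask trick. */
#define SANDBOX_SIZE (1u << 20)

typedef struct {
    uint8_t *base;   /* start of the reserved region */
    uint64_t mask;   /* SANDBOX_SIZE - 1, applied to every offset */
} sandbox_t;

/* A "sandboxed pointer": an offset from the base, never a raw address. */
typedef uint64_t sandboxed_ptr_t;

static sandbox_t sb;

int sandbox_init(void) {
    sb.base = malloc(SANDBOX_SIZE);
    if (!sb.base) return -1;
    memset(sb.base, 0, SANDBOX_SIZE);
    sb.mask = SANDBOX_SIZE - 1;
    return 0;
}

/* Resolve an offset to a real address. Masking guarantees the result lies
 * in [base, base + SANDBOX_SIZE) whatever value the offset field holds. */
uint8_t *sandbox_resolve(sandboxed_ptr_t p) {
    return sb.base + (p & sb.mask);
}

/* Check whether a raw address falls inside the reserved region. */
int sandbox_contains(const void *addr) {
    const uint8_t *a = addr;
    return a >= sb.base && a < sb.base + SANDBOX_SIZE;
}

/* Constructed "sensitive" data living outside the sandbox region. */
static char outside_region[32] = "process data outside sandbox";

/* Simulate a pointer field corrupted to the raw address of outside data:
 * after masking it still resolves inside the sandbox. Returns 1 if confined. */
int demo_corrupted_pointer_is_confined(void) {
    if (sandbox_init() != 0) return -1;
    sandboxed_ptr_t corrupted = (sandboxed_ptr_t)(uintptr_t)outside_region;
    uint8_t *target = sandbox_resolve(corrupted);
    printf("resolved %p, inside sandbox: %d\n", (void *)target, sandbox_contains(target));
    return sandbox_contains(target);
}
```

The real engine also has to keep raw pointers to objects outside the region from being stored inside it at all, which this model does not cover.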