Google looks at bypass in Chromium's ASLR security defense, throws hands up, won't patch garbage issue

Engineers write off GC abuse because Spectre broke everything anyway

In early November, a developer contributing to Google's open-source Chromium project reported a problem with Oilpan, the garbage collector for the browser's Blink rendering engine: it can be used to break a memory defense known as address space layout randomization (ASLR).…

from The Register