CVE-2023-6204: depending on the graphics settings and drivers, an out-of-bounds read was possible, leaking memory data into images created on the canvas element. Hayyim Security’s JSec brought this to our attention.
CVE-2023-6205: a MessagePort could be used after it had already been released (a use-after-free), which might have resulted in an exploitable crash. This problem was reported by Yangkang of the 360 ATA Team.
CVE-2023-6206: the black fade animation that appears after a fullscreen session ends has the same duration as the anti-clickjacking delay on permission prompts. This could be used to surprise users and persuade them to click where the permission grant button would appear. Hafiizh reported the problem.