CVE-2018-8385
Description
A scripting engine memory corruption vulnerability in Microsoft browsers (ChakraCore, Edge, Internet Explorer) allows remote code execution via crafted content.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A scripting engine memory corruption vulnerability in Microsoft browsers (ChakraCore, Edge, Internet Explorer) allows remote code execution via crafted content.
Vulnerability
The vulnerability exists in the way the Chakra scripting engine handles objects in memory [1][2][3]. It affects Internet Explorer 9, 10, and 11, Microsoft Edge, and ChakraCore [2]. The issue involves an inconsistent state when merging block data for loops, where a non-temporary symbol can be treated as temporary, leading to memory corruption [4]. Additional flaws include incorrect elimination of bound checks (potentially causing out-of-bounds read/write) and re-entrancy issues during marshalling when proxies are in the prototype chain [4].
Exploitation
An attacker can host a specially crafted website or inject content into a compromised site [3]. The target user must browse to this page using an affected browser. No authentication is required; the attacker only needs network access to deliver the malicious content. By triggering the memory corruption via crafted JavaScript, the attacker can execute arbitrary code in the context of the current user [2][3].
Impact
Successful exploitation allows remote code execution, giving the attacker the same user rights as the logged-on user [2]. If the user has administrative privileges, the attacker can install programs, view/change/delete data, or create new accounts with full user rights [2]. The impact includes complete compromise of confidentiality, integrity, and availability.
Mitigation
Microsoft released security updates on August 14, 2018, which are confirmed as a fix [1][3]. Users should apply the latest updates via Windows Update or Microsoft Update. No workarounds are documented in the provided references. The update addresses the memory corruption in ChakraCore and the affected browsers [4].
- Microsoft Internet Explorer and Edge CVE-2018-8385 Remote Memory Corruption Vulnerability
- NVD - CVE-2018-8385
- Microsoft Edge Multiple Bugs Let Remote Users Execute Arbitrary Code, Obtain Potentially Sensitive Information, Gain Elevated Privileges, and Bypass Security Restrictions on the Target System
- August 2018 Security Update by aneeshdk · Pull Request #5596 · chakra-core/ChakraCore
AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
Microsoft.ChakraCoreNuGet | < 1.10.2 | 1.10.2 |
Affected products
6- Range: ChakraCore
Windows Server 2012+ 2 more
- (no CPE)range: Windows Server 2012
- (no CPE)range: Windows 10 for 32-bit Systems
- (no CPE)range: Windows Server 2008 for 32-bit Systems Service Pack 2
Patches
1f00612bbc365[CVE-2018-8385] Edge - Logic bug in Chakra temp tracker leads to invalid pointer read - Internal
1 file changed · +13 −3
lib/Backend/TempTracker.cpp+13 −3 modified@@ -79,9 +79,19 @@ TempTrackerBase::~TempTrackerBase() void TempTrackerBase::MergeData(TempTrackerBase * fromData, bool deleteData) { - nonTempSyms.Or(&fromData->nonTempSyms); - tempTransferredSyms.Or(&fromData->tempTransferredSyms); - MergeDependencies(tempTransferDependencies, fromData->tempTransferDependencies, deleteData); + this->nonTempSyms.Or(&fromData->nonTempSyms); + this->tempTransferredSyms.Or(&fromData->tempTransferredSyms); + this->MergeDependencies(this->tempTransferDependencies, fromData->tempTransferDependencies, deleteData); + if (this->tempTransferDependencies) + { + FOREACH_HASHTABLE_ENTRY(BVSparse<JitArenaAllocator> *, bucket, this->tempTransferDependencies) + { + if (bucket.element->Test(&this->nonTempSyms)) + { + this->nonTempSyms.Set(bucket.value); + } + } NEXT_HASHTABLE_ENTRY; + } } void
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
9- github.com/advisories/GHSA-67x3-36j7-pj4gghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-8385ghsaADVISORY
- www.securityfocus.com/bid/105039mitrevdb-entryx_refsource_BID
- www.securitytracker.com/id/1041457mitrevdb-entryx_refsource_SECTRACK
- github.com/chakra-core/ChakraCore/commit/f00612bbc3657f1ec33a9e7d575c16a5489d06aaghsaWEB
- github.com/chakra-core/ChakraCore/pull/5596ghsaWEB
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8385ghsax_refsource_CONFIRMWEB
- web.archive.org/web/20210124195607/http://www.securityfocus.com/bid/105039ghsaWEB
- web.archive.org/web/20211203061111/http://www.securitytracker.com/id/1041457ghsaWEB
News mentions
0No linked articles in our index yet.