← LibraryTechnique entry
BRW-JSC-GARBAGE-COLExecution
JSC (Safari) Garbage Collector Bug
JavaScriptCore GC use-after-free / mark-stack inconsistency — repeatable on Pwn2Own most years for an iOS / macOS Safari renderer pop.
§ Where this technique fits
BRW-JSC-GARBAGE-COL is catalogued under the Execution tactic of the offensive-security kill-chain. It appears in 0 approved dossiers in the registry, typically.