A type confusion refers to coding bugs during which an app initializes data execution operations using input of a specific "type" but is tricked into treating the input as a different "type."The bug, which is listed as CVE-2020-6418, was disovered by Clement Lecigne, a member of Google's Threat Analysis Group.
The "type confusion" leads to logical errors in the app's memory and can lead to situations where an attacker can run unrestricted malicious code inside an application.
Found and analyzed with a lot of help from @5aelo and Sergei. https://t.co/qeBkjsao4o
— clem1 (@_clem1) February 25, 2020
Via: ZD Net