Browsers are sandboxed by the kernel, and we're talking about bugs in the kernel here...
Even if modern browsers lean more on kernel features, initially the sandboxing in browsers is implemented through a managed runtime.
alt Hacker News
Even if modern browsers lean more on kernel features, initially the sandboxing in browsers is implemented through a managed runtime.