Switch System Flaws: Difference between revisions

← Older edit Newer edit →

@@ Line 3: / Line 3: @@
 =List of Switch System Flaws=
+These are currently public Switch System Flaws.
 == Hardware ==
@@ Line 21: / Line 23: @@
 |-
 |}
+==ARM TrustZone software==
-== System software ==
+===ARM TrustZone===
-=== Kernel ===
 {| class="wikitable" border="1"
 |-
@@ Line 35: / Line 36: @@
 !  Discovered by
 |-
-|  No public Kernel exploits
+|  No public ARM TrustZone exploits
 |
 |
@@ Line 45: / Line 46: @@
 |-
 |}
+== Kernel software==
-=== TrustZone ===
+===Kernel===
 {| class="wikitable" border="1"
 |-
@@ Line 58: / Line 59: @@
 !  Discovered by
 |-
-|  No public ARM TrustZone exploits
+|  No public Kernel exploits
 |
 |
@@ Line 66: / Line 67: @@
 |
 |
-|-
-|}
-=== System Modules ===
-{| class="wikitable" border="1"
-|-
-!  Summary
-!  Description
-!  Successful exploitation result
-!  Fixed in system version
-!  Last system version this flaw was checked for
-!  Timeframe this was discovered
-!  Public disclosure timeframe
-!  Discovered by
-|-
-|  OOB Read in NS system module (pl:utoohax, pl:utonium, maybe other names)
-|  Prior to [[3.0.0]], pl:u (Shared Font services implemented in the NS sysmodule) service commands 1,2,3 took in a signed 32-bit index and returned that index of an array but did not check that index at all. This allowed for an arbitrary read within a 34-bit range (33-bit signed) from NS .bss. In [[3.0.0]], sending out of range indexes causes error code 0x60A to be returned.
-|  Dumping full NS .text, .rodata and .data, infoleak, etc
-|  [[3.0.0]]
-|  [[3.0.0]]
-|  April 2017
-|  On exploit's fix in [[3.0.0]]
-|  qlutoo, Reswitched team (independently)
 |-
 |}