1,359
edits
Changes
Jump to navigation
Jump to search
mLine 3:
Line 3: − − These are the current public Switch System Flaws. Line 23:
Line 21: − + − + + Line 36:
Line 35: − + Line 46:
Line 45: − == Kernel software==+ − + Line 59:
Line 58: − + Line 67:
Line 66: + + + + + + + + + + + + + + + + + + + + + + +
Reverted edits by Uyuiyu (talk) to last revision by Qlutoo
=List of Switch System Flaws=
=List of Switch System Flaws=
== Hardware ==
== Hardware ==
|-
|-
|}
|}
==ARM TrustZone software==
===ARM TrustZone===
== System software ==
=== Kernel ===
{| class="wikitable" border="1"
{| class="wikitable" border="1"
|-
|-
! Discovered by
! Discovered by
|-
|-
| No public ARM TrustZone exploits
| No public Kernel exploits
|
|
|
|
|-
|-
|}
|}
===Kernel===
=== TrustZone ===
{| class="wikitable" border="1"
{| class="wikitable" border="1"
|-
|-
! Discovered by
! Discovered by
|-
|-
| No public Kernel exploits
| No public ARM TrustZone exploits
|
|
|
|
|
|
|
|
|-
|}
=== System Modules ===
{| class="wikitable" border="1"
|-
! Summary
! Description
! Successful exploitation result
! Fixed in system version
! Last system version this flaw was checked for
! Timeframe this was discovered
! Public disclosure timeframe
! Discovered by
|-
| OOB Read in NS system module (pl:utoohax, pl:utonium, maybe other names)
| Prior to [[3.0.0]], pl:u (Shared Font services implemented in the NS sysmodule) service commands 1,2,3 took in a signed 32-bit index and returned that index of an array but did not check that index at all. This allowed for an arbitrary read within a 34-bit range (33-bit signed) from NS .bss. In [[3.0.0]], sending out of range indexes causes error code 0x60A to be returned.
| Dumping full NS .text, .rodata and .data, infoleak, etc
| [[3.0.0]]
| [[3.0.0]]
| April 2017
| On exploit's fix in [[3.0.0]]
| qlutoo, Reswitched team (independently)
|-
|-
|}
|}