Switch System Flaws: Difference between revisions
mNo edit summary |
Totally forgot about this useless bug |
||
| Line 110: | Line 110: | ||
| January 20, 2018 | | January 20, 2018 | ||
| [[User:SciresM|SciresM]] and [[User:motezazer|motezazer]] | | [[User:SciresM|SciresM]] and [[User:motezazer|motezazer]] | ||
|- | |||
| Infoleak in TrustZone's unknown exception vector | |||
| The unknown exception vector acts as a simple wrapper for TrustZone's panic function, but before calling the actual panic function, this vector loads the TMR MMIO region's virtual address (0x1F008B000 on [2.0.0+]) to X0 and stores the value 0x7F00010 in PMC_SCRATCH200's virtual address (0x1F0089C40 on [2.0.0+]). | |||
This is meant to set the panic color to 0x0077FF and the panic code to 0x10 (unknown exception). However, prior to [[4.0.0]], instead of dereferencing a pointer to the 0x7F00010 value (stored as data inside the exception vectors' memory space) the actual pointer would be written to PMC_SCRATCH200. | |||
| Nothing. | |||
| [[4.0.0]] | |||
| [[4.0.0]] | |||
| January, 2018 | |||
| February 18, 2018 | |||
| [[User:Hexkyz|hexkyz]] | |||
|- | |- | ||
|} | |} | ||