Switch System Flaws: Difference between revisions
		
		
		
		Jump to navigation
		Jump to search
		
| Line 21: | Line 21: | ||
| |- | |- | ||
| |} | |} | ||
| == | |||
| === | == System software == | ||
| === Kernel === | |||
| {| class="wikitable" border="1" | {| class="wikitable" border="1" | ||
| |- | |- | ||
| Line 34: | Line 35: | ||
| !  Discovered by | !  Discovered by | ||
| |- | |- | ||
| |  No public  | |  No public Kernel exploits   | ||
| | | | | ||
| | | | | ||
| Line 44: | Line 45: | ||
| |- | |- | ||
| |} | |} | ||
| === | === TrustZone === | ||
| {| class="wikitable" border="1" | {| class="wikitable" border="1" | ||
| |- | |- | ||
| Line 57: | Line 58: | ||
| !  Discovered by | !  Discovered by | ||
| |- | |- | ||
| |  No public  | |  No public ARM TrustZone exploits   | ||
| | | | | ||
| | | | | ||
| Line 68: | Line 69: | ||
| |} | |} | ||
| ===System Modules=== | === System Modules === | ||
| {| class="wikitable" border="1" | {| class="wikitable" border="1" | ||
| |- | |- | ||
Revision as of 16:08, 20 June 2017
System Flaws are used to execute unofficial code (homebrew) on the Nintendo Switch. This page is a list of known and public Switch System Flaws.
List of Switch System Flaws
Hardware
| Summary | Description | Fixed with hardware model/revision | Newest hardware model/revision this flaw was checked for | Timeframe this was discovered | Discovered by | 
|---|---|---|---|---|---|
| No public hardware exploits | 
System software
Kernel
| Summary | Description | Successful exploitation result | Fixed in system version | Last system version this flaw was checked for | Timeframe this was discovered | Public disclosure timeframe | Discovered by | 
|---|---|---|---|---|---|---|---|
| No public Kernel exploits | 
TrustZone
| Summary | Description | Successful exploitation result | Fixed in system version | Last system version this flaw was checked for | Timeframe this was discovered | Public disclosure timeframe | Discovered by | 
|---|---|---|---|---|---|---|---|
| No public ARM TrustZone exploits | 
System Modules
| Summary | Description | Successful exploitation result | Fixed in system version | Last system version this flaw was checked for | Timeframe this was discovered | Public disclosure timeframe | Discovered by | 
|---|---|---|---|---|---|---|---|
| OOB Read in NS system module (pl:utoohax, pl:utonium, maybe other names) | Prior to 3.0.0, pl:u (Shared Font services implemented in the NS sysmodule) service commands 1,2,3 took in a signed 32-bit index and returned that index of an array but did not check that index at all. This allowed for an arbitrary read within a 34-bit range (33-bit signed) from pl:u .bss. In 3.0.0, sending out of range indexes causes error code 0x60A to be returned. | Dumping full NS .text, .rodata and .data, infoleak, etc | 3.0.0 | 3.0.0 | April 2017 | On exploit's fix in 3.0.0 | qlutoo, Reswitched team (independently) |