Switch System Flaws: Difference between revisions

← Older edit Newer edit →

@@ Line 1,124: / Line 1,124: @@
 | June 6, 2025
 | August 8, 2025
-| Yannik
+| [https://github.com/kinnay Yannik]
 |-
 | [[LDN_services|ldn]] AdvertiseData OOB-memcpy with EncryptionType3 (AES-128-GCM) actionframes (ldnhax)
@@ Line 1,328: / Line 1,328: @@
 | December, 2022
 | May, 2024
-| Yannik
+| [https://github.com/kinnay Yannik]
 |}
@@ Line 1,509: / Line 1,509: @@
 | Early April 2022
 | November 16, 2022
-| [[User:Rambo6Glaz|Rambo6Glaz]], Yannik (massive RE help)
+| [[User:Rambo6Glaz|Rambo6Glaz]], [https://github.com/kinnay Yannik] (massive RE help)
 |}
 There's another one more interesting but it will have to wait a bit :)
+== Games ==
+{| class="wikitable" border="1"
+|-
+! Game
+!  Summary
+!  Description
+!  Impact
+!  Fixed in version
+!  Timeframe this was discovered
+!  Public disclosure timeframe
+!  Discovered by
+|-
+| Mario Kart World
+| ASLR leak in application data
+| A memory address can be leaked by changing your username to something short, and hosting a network session in LAN mode (press L + R + Left Stick on the main menu to enable this). The memory address can be found in bytes 12 - 19 of the application data that is transmitted after receiving a browse request.
+'''Note:''' there is more uninitialized data in the packet, but the memory address is probably the most interesting part. The vulnerability was fixed by clearing the application data with zeros, before filling in the information.
+[https://hackerone.com/reports/3463719 HackerOne report]
+| A memory address can leaked (this is a requirement for many types of attacks).
+| 1.5.0
+| December 12, 2025
+| February 19, 2026
+| [https://github.com/kinnay Yannik]
+|-
+| Splatoon 3
+| Predictable seed in anti-cheat system?
+| [https://hackerone.com/reports/3042475 HackerOne report]
+| Relatively easy way to bypass anti-cheat.
+| ?
+| Reported on March 17, 2025
+| February 19, 2026
+| hana2736
+|}