Switch System Flaws: Difference between revisions
clarification |
we are all dying af |
||
| Line 109: | Line 109: | ||
! Public disclosure timeframe | ! Public disclosure timeframe | ||
! Discovered by | ! Discovered by | ||
|- | |||
| Arbitrary service handle forging | |||
| Prior to [[3.0.1]], the service manager ("sm") built-in system module could provide valid handles for any [[Services_API|service]] if the user creates a new "sm:" port session but bypasses [[Services_API#Initialize|initialization]]. | |||
In [[3.0.1]], "sm" returns error code 0x415 if [[Services_API#Initialize|Initialize]] has not been called yet. | |||
| Access to any service | |||
| [[3.0.1]] | |||
| [[3.0.1]] | |||
| April 2017 | |||
| August 17, 2017 | |||
| Everyone | |||
|- | |- | ||
| Out-of-bounds array read for [[BCAT_Content_Container]] secret-data index | | Out-of-bounds array read for [[BCAT_Content_Container]] secret-data index | ||