Switch System Flaws: Difference between revisions
Added transfermeme |
Added link to writeup on transfermeme |
||
| Line 385: | Line 385: | ||
| [[User:daeken|daeken]] | | [[User:daeken|daeken]] | ||
|- | |- | ||
| transfermeme (nvservices info leak) | | [https://daeken.svbtle.com/nintendo-switch-nvservices-info-leak transfermeme (nvservices info leak)] | ||
| The nvservices sysmodule does not clear its transfer memory prior to release. | | The nvservices sysmodule does not clear its transfer memory prior to release. | ||
| The calling process can read key bits of memory, including breaking ASLR (by revealing the image base) and exposing the address of other transfer memory to set up attacks. | | The calling process can read key bits of memory, including breaking ASLR (by revealing the image base) and exposing the address of other transfer memory to set up attacks. | ||