Difference between revisions of "Switch System Flaws"

From Nintendo Switch Brew
Jump to navigation Jump to search
(Browser Is Userland)
(RIP pl:utoohax)
Line 67: Line 67:
 
|
 
|
 
|
 
|
 +
|-
 +
|}
 +
 +
===System Modules===
 +
{| class="wikitable" border="1"
 +
|-
 +
!  Summary
 +
!  Description
 +
!  Successful exploitation result
 +
!  Fixed in system version
 +
!  Last system version this flaw was checked for
 +
!  Timeframe this was discovered
 +
!  Public disclosure timeframe
 +
!  Discovered by
 +
|-
 +
|  OOB Read in NS system module (pl:utoohax, pl:utonium, maybe other names)
 +
|  Prior to [[3.0.0]], pl:u (Shared Font services implemented in the NS sysmodule) service commands 1,2,3 took in a signed 32-bit index and returned that index of an array but did not check that index at all. This allowed for an arbitrary read within a 34-bit range (33-bit signed) from pl:u .bss
 +
|  Dumping pl:u (part of the the NS module)'s virtual memory (including code); obtaining base addresses for NS module .text (thus defeating ASLR)
 +
|  [[3.0.0]]
 +
|  [[3.0.0]]
 +
|  April 2017
 +
|  On exploit's fix in [[3.0.0]]
 +
|  qlutoo, Reswitched team (independently)
 
|-
 
|-
 
|}
 
|}

Revision as of 07:39, 20 June 2017

System Flaws are used to execute unofficial code (homebrew) on the Nintendo Switch. This page is a list of known and public Switch System Flaws.

List of Switch System Flaws

There are currently no public Switch System Flaws.

Hardware

Summary Description Fixed with hardware model/revision Newest hardware model/revision this flaw was checked for Timeframe this was discovered Discovered by
No public hardware exploits

ARM TrustZone software

ARM TrustZone

Summary Description Successful exploitation result Fixed in system version Last system version this flaw was checked for Timeframe this was discovered Public disclosure timeframe Discovered by
No public ARM TrustZone exploits

Kernel software

Kernel

Summary Description Successful exploitation result Fixed in system version Last system version this flaw was checked for Timeframe this was discovered Public disclosure timeframe Discovered by
No public Kernel exploits

System Modules

Summary Description Successful exploitation result Fixed in system version Last system version this flaw was checked for Timeframe this was discovered Public disclosure timeframe Discovered by
OOB Read in NS system module (pl:utoohax, pl:utonium, maybe other names) Prior to 3.0.0, pl:u (Shared Font services implemented in the NS sysmodule) service commands 1,2,3 took in a signed 32-bit index and returned that index of an array but did not check that index at all. This allowed for an arbitrary read within a 34-bit range (33-bit signed) from pl:u .bss Dumping pl:u (part of the the NS module)'s virtual memory (including code); obtaining base addresses for NS module .text (thus defeating ASLR) 3.0.0 3.0.0 April 2017 On exploit's fix in 3.0.0 qlutoo, Reswitched team (independently)