Nintendo Switch Brew

Changes

Switch System Flaws (view source)

Revision as of 21:21, 15 January 2018

647 bytes added ,  21:21, 15 January 2018
rip
Line 139: Line 139:  
| 34c3 (December 28, 2017)
 
| 34c3 (December 28, 2017)
 
| [[User:qlutoo|qlutoo]]
 
| [[User:qlutoo|qlutoo]]
 +
|-
 +
| Memory Controller not properly secured
 +
| The Switch OS originally had the memory controller not set to be accessible only by the secure-world, which was problematic because insecure access can compromise the kernel.
 +
 +
This was fixed partially in [[2.0.0]] by blacklisting the memory controller from being mapped by user-processes, and was fixed entirely in [[4.0.0]] by making the memory controller TZ-only and making all kernel accesses go through [[SMC|smcReadWriteRegister]].
 +
| With some way to access the memory controller MMIO, arbitrary kernel code execution.
 +
| [[4.0.0]]
 +
| [[4.0.0]]
 +
| January 2018
 +
| January 2018
 +
| SciresM, yellows8
 
|-
 
|-
 
|}
 
|}
Line 185: Line 196:  
| December 30, 2017
 
| December 30, 2017
 
| Everyone
 
| Everyone
 +
|-
 
|}
 
|}
  
Retrieved from "https://switchbrew.org/wiki/Special:MobileDiff/3441"