Nintendo Switch Brew

Changes

Switch System Flaws (view source)

Revision as of 06:30, 14 July 2020

604 bytes added ,  06:30, 14 July 2020
→‎System Modules
Line 472: Line 472:  
!  Public disclosure timeframe
 
!  Public disclosure timeframe
 
!  Discovered by
 
!  Discovered by
 +
|-
 +
| [[HID_services#hid:sys|hid:sys]] ButtonConfig s32 array-index not validated
 +
| The input s32 array-index for [[HID_services#hid:sys|hid:sys]] ButtonConfig cmds 1255-1270 was originally not validated. Using a negative or >=5 index results in accessing out-of-bounds data, with an array stored on stack.
 +
With [10.1.0+] each of these cmds will now Abort if the s32 is negative or >=5.
 +
| hid infoleak, out-of-bounds mem-write anywhere in hid address-space relative to the stack array (with constraints on the data).
 +
| [[10.1.0]]
 +
| [[10.1.0]]
 +
| April 18, 2020
 +
| July 14, 2020
 +
| [[User:Yellows8|yellows8]]
 
|-
 
|-
 
| [[Applet_Manager_services#IStorage|AM IStorage]] infoleak
 
| [[Applet_Manager_services#IStorage|AM IStorage]] infoleak
Retrieved from "https://switchbrew.org/wiki/Special:MobileDiff/9758"