1,359
edits
Changes
m
Reverted edits by Uyuiyu (talk) to last revision by Qlutoo
Line 3:
Line 3:
These are the current public Switch System Flaws.
−== Kernel software==+
−
=List of Switch System Flaws=
=List of Switch System Flaws=
−== Hardware ==
== Hardware ==
Line 23:
Line 21:
|-
|-
|}
|}
−==ARM TrustZone software==
+===ARM TrustZone===
+== System software ==
+=== Kernel ===
{| class="wikitable" border="1"
{| class="wikitable" border="1"
|-
|-
Line 36:
Line 35:
! Discovered by
! Discovered by
|-
|-
−| No public ARM TrustZone exploits
+| No public Kernel exploits
|
|
|
|
Line 46:
Line 45:
|-
|-
|}
|}
−===Kernel===
+=== TrustZone ===
{| class="wikitable" border="1"
{| class="wikitable" border="1"
|-
|-
Line 59:
Line 58:
! Discovered by
! Discovered by
|-
|-
−| No public Kernel exploits
+| No public ARM TrustZone exploits
|
|
|
|
Line 67:
Line 66:
|
|
|
|
+|-
+|}
+
+=== System Modules ===
+{| class="wikitable" border="1"
+|-
+! Summary
+! Description
+! Successful exploitation result
+! Fixed in system version
+! Last system version this flaw was checked for
+! Timeframe this was discovered
+! Public disclosure timeframe
+! Discovered by
+|-
+| OOB Read in NS system module (pl:utoohax, pl:utonium, maybe other names)
+| Prior to [[3.0.0]], pl:u (Shared Font services implemented in the NS sysmodule) service commands 1,2,3 took in a signed 32-bit index and returned that index of an array but did not check that index at all. This allowed for an arbitrary read within a 34-bit range (33-bit signed) from NS .bss. In [[3.0.0]], sending out of range indexes causes error code 0x60A to be returned.
+| Dumping full NS .text, .rodata and .data, infoleak, etc
+| [[3.0.0]]
+| [[3.0.0]]
+| April 2017
+| On exploit's fix in [[3.0.0]]
+| qlutoo, Reswitched team (independently)
|-
|-
|}
|}