Open main menu

Nintendo Switch Brew β

Difference between revisions of "Switch Userland Flaws"

(Browser userspace)
(Browser userspace)
 
(3 intermediate revisions by 2 users not shown)
Line 16: Line 16:
 
| Original: August 2016
 
| Original: August 2016
 
Switch: March 3rd-4th 2017
 
Switch: March 3rd-4th 2017
| ???
+
| Everyone
 
|-
 
|-
| [https://github.com/yellows8/browserhax_fright browserhax_fright_tx3g]
+
| CVE-2017-7005
|  
+
| WebKit type confusion.
| [[2.1.0]]
+
| [[3.0.1]]
 +
| [[3.0.1]]
 
|  
 
|  
 +
| Everyone
 +
|-
 +
| CVE-2016-4622
 +
| WebKit memory corruption bug. This bug was incorrectly re-introduced in [[4.0.0]]. See [http://www.phrack.org/papers/attacking_javascript_engines.html here] for a detailed write-up from the author.
 +
| [[6.1.0]]
 +
| [[6.1.0]]
 
|  
 
|  
 +
| Everyone
 +
|-
 +
| CVE-2018-4441
 +
| WebKit memory corruption bug. See [https://bugs.chromium.org/p/project-zero/issues/detail?id=1685&desc=2 here].
 +
| [[7.0.0]]
 +
| [[7.0.0]]
 
|  
 
|  
 +
| Everyone
 
|}
 
|}

Latest revision as of 20:25, 10 March 2019

This page lists vulnerabilities / exploits for Nintendo Switch applications and applets.

Browser userspace

Summary Description Fixed with software update Newest software update this flaw was checked for Timeframe this was discovered Discovered by
CVE-2016-4657 WebKit vuln discovered around August 2016. Most notably used in the iOS 9.3.X exploit. A simple PoC can be found here. This was later exploited by Qwertyoruiop using an adjusted version of his iOS 9.3 webkit exploit (others exploited this prior to then). 2.1.0 2.0.0 Original: August 2016

Switch: March 3rd-4th 2017

Everyone
CVE-2017-7005 WebKit type confusion. 3.0.1 3.0.1 Everyone
CVE-2016-4622 WebKit memory corruption bug. This bug was incorrectly re-introduced in 4.0.0. See here for a detailed write-up from the author. 6.1.0 6.1.0 Everyone
CVE-2018-4441 WebKit memory corruption bug. See here. 7.0.0 7.0.0 Everyone