4,576
edits
Changes
Jump to navigation
Jump to search
Line 1,035:
Line 1,035: + + + + + + + + + + + +
→System Modules
| March 27, 2024
| March 27, 2024
| [[User:Yellows8|yellows8]]
| [[User:Yellows8|yellows8]]
|-
| [[Migration_services|migration]] nn::migration::savedata::IServer cmd1 buffer overflow
| nn::migration::savedata::IServer cmd1 originally copied data from an array to the output ptr. As the output is an u64 field for the IPC cmd output, this is a field on stack. Hence, if more than 1 entry (8-bytes) are copied a stack buffer overflow will occur. Note that cmd3 loads the same data, except this has a proper output array.
It's unknown whether there's a way to actually control this data with a large enough enough size.
See [[8.1.0]] for the diff/fix.
| [[Migration_services|migration]] stack buffer overflow.
| [[18.1.0]]
| [[18.1.0]]
| June 11, 2024
| June 11, 2024
| [[User:Yellows8|yellows8]] (sysupdate diff)
|}
|}