Changes

Jump to navigation Jump to search

Switch System Flaws (view source)

Revision as of 19:43, 30 December 2017

885 bytes added ,  19:43, 30 December 2017
rip
Line 158: Line 158:  
| Summer 2017 (after smhax was discovered).
 
| Summer 2017 (after smhax was discovered).
 
| December 23, 2017
 
| December 23, 2017
 +
| Everyone
 +
|-
 +
| Single session services not really single session
 +
| Several "critical" services (like fsp-ldr, fsp-pr, sm:m, etc) are meant to only ever hold a single session with a specific sysmodule. However, when a sysmodule dies, all its service session handles are released -- and thus killing the holder of a single session handle would allow one (via sm:hax etc) to get access to that service.
 +
 +
This was fixed in [[4.0.0]] by adding a semaphore to these critical single-session services, so that even if one gets access to them an error code will be returned when attempting to use any of their commands.
 +
| With some way to access these services and kill their session holders: dumping sysmodule code, arbitrary service access, elevated filesystem permissions, etc.
 +
| [[4.0.0]]
 +
| [[4.0.0]]
 +
| May/June 2017 (basically immediately after smhax was discovered)
 +
| December 30, 2017
 
| Everyone
 
| Everyone
 
|}
 
|}
Retrieved from "https://switchbrew.org/wiki/Special:MobileDiff/3304"

Navigation menu