3dbrew

3DS System Flaws: Difference between revisions

← Older editNewer edit →
CTRSDK heap code still doesn't verify neighbouring chunks when coalescing
Nba Yoh (talk | contribs)
28 edits
CTRSDK Streetpass message stack-smashing
Line 1,198: Line 1,198:
!  Timeframe this was discovered
!  Timeframe this was discovered
!  Discovered by
!  Discovered by
|-
| [[CECD_Services|CECD]] Streetpass message exheader stack-smashing
| When parsing streetpass messages, "nn::cec::CTR::Message::InputMessage" calls "nn::cec::CTR::Message::SetExHeaderWithoutCalc" for each exheader entry in the input message. The number of entries should not exceed 16 but remains unchecked, leading to a stack-buffer-overflow.
| ROP under any application parsing Streetpass messages
Remote code execution under [[CECD_Services|CECD]]
| [[11.12.0-44]]
|
| 2019
| [[User:Nba_Yoh|MrNbaYoh]]
|-
|-
| [[NWM_Services|UDS]] beacon additional-data buffer overflow
| [[NWM_Services|UDS]] beacon additional-data buffer overflow
Retrieved from "https://www.3dbrew.org/wiki/3DS_System_Flaws"