11.14.0-46: Difference between revisions

← Older edit Newer edit →

@@ Line 7: / Line 7: @@
 ==System Titles==
 ===NATIVE_FIRM===
-* Kernel11 was updated, svcBindInterrupt will now only bind to ARM11 interrupt 15(fiq related) if its running on debug hardware, otherwise 0xD8E007EE is returned.
+====Kernel11====
+* svcBindInterrupt and svcUnbindInterrupt will now only accept to handle Arm11 interrupt 15 (FIQ helper) if its running on development hardware, otherwise 0xD8E007EE is returned:
+** this is because the affected code path in svcUnbindInterrupt is vulnerable to a double-free vulnerability; this change makes it impossible to trigger on consumer hardware
+* When mapping the firmlaunch parameter to the user-specified VA, svcKernelSetState now checks that the provided VA is within the 0x10000000..0x14000000 range (an attacker could previously pass VA=0)
+* The compiler seems to have been upgraded (or the optimization parameters changed)
+====KIPs====
+No changes.
+====Process9====
+The anti-downgrade list has been updated accordingly. No other changes.
+====Kernel9====
+Kernel9 has been updated, presumably it's just a rebuild with the latest sources and toolchain.
 ===Friends driver===