3DS System Flaws: Difference between revisions
→Kernel11: memchunkhax2.1
Line 431: | Line 431: | ||
| | | | ||
|- | |- | ||
| | | memchunkhax2.1 | ||
| Nintendo's fix for memchunkhax2 in [[10.4.0-29|10.4.0-X]] did not fix the GPU case: one may cause the requisite ToCToU race using gspwn, bypassing the new validation. | |||
derrek's original 32c3 presentation for memchunkhax2 commented that a GPU-based attack was possible, but would be difficult. However, memchunkhax2.1 showed that it was possible to do fairly reliably. | |||
| ARM11 kernel code execution | |||
| None | |||
| [[10.7.0-32|10.7.0-X]] | |||
| | |||
| derrek, aliaspider | |||
|- | |||
| memchunkhax2 | |||
| | | | ||
| ARM11 kernel code execution | | ARM11 kernel code execution | ||
| [[10.4.0-29|10.4.0-X]] (partially) | | [[10.4.0-29|10.4.0-X]] (partially) | ||
| [[10. | | [[10.7.0-32|10.7.0-X]] | ||
| | | | ||
| derrek | | derrek |