Difference between revisions of "11.14.0-46"

From 3dbrew
Jump to navigation Jump to search
(Created page with "The Old3DS+New3DS 11.14.0-46 system update was released for all regions on November 17, 2020. This Old3DS update was released for the following regions: USA, EUR, JPN, CHN, KO...")
 
 
(4 intermediate revisions by 4 users not shown)
Line 1: Line 1:
The Old3DS+New3DS 11.14.0-46 system update was released for all regions on November 17, 2020. This Old3DS update was released for the following regions: USA, EUR, JPN, CHN, KOR, and TWN. This New3DS update was released for the following regions: USA, EUR, JPN, CHN, KOR, and TWN.
+
The Old3DS+New3DS 11.14.0-46 system update was released for all regions on November 17, 2020 (UTC). This Old3DS update was released for the following regions: USA, EUR, JPN, CHN, KOR, and TWN. This New3DS update was released for the following regions: USA, EUR, JPN, CHN, KOR, and TWN.
 +
 
 +
Security flaws fixed: yes.
  
 
==Change-log==
 
==Change-log==
[https://en-americas-support.nintendo.com/app/answers/detail/a_id/667/p/430/c/267 Official] USA change-log:
+
[https://en-americas-support.nintendo.com/app/answers/detail/a_id/231/~/system-menu-update-history Official] USA change-log:
* TBD
+
* Further improvements to overall system stability and other minor adjustments have been made to enhance the user experience.
  
 
==System Titles==
 
==System Titles==
 
===NATIVE_FIRM===
 
===NATIVE_FIRM===
* Changes in the [Process Manager Services|pm driver] breaking compatibility with Luma 10.2.0 and earlier
+
====Kernel11====
===Friends driver===
+
* svcBindInterrupt and svcUnbindInterrupt will now only accept to handle Arm11 interrupt 15 (FIQ helper) if its running on development hardware, otherwise 0xD8E007EE is returned:
* Reported version upgraded to 0xF
+
** this is because the affected code path in svcUnbindInterrupt is vulnerable to a double-free vulnerability; this change makes it impossible to trigger on consumer hardware
===SSL driver===
+
* When mapping the firmlaunch parameter to the user-specified VA, svcKernelSetState now checks that the provided VA is within the 0x10000000..0x14000000 range (an attacker could previously pass VA=0)
* TBD, possibly TLS 1.3 support and/or an update to root certificates.
+
* The compiler seems to have been upgraded (or the optimization parameters changed)
===Internet Browser===
+
 
* Fix for both exploits used in zoogie's browserhax 2020
+
====KIPs====
* TBD, possibly TLS 1.3 support and/or an update to root certificates.
+
No changes.
 +
 
 +
====Process9====
 +
The anti-downgrade list has been updated accordingly. No other changes.
 +
 
 +
====Kernel9====
 +
Kernel9 has been updated, presumably it's just a rebuild with the latest sources and toolchain.
 +
 
 +
===[[Friend_Services|Friends-sysmodule]]===
 +
* Reported fpdver upgraded to 0xF.
 +
 
 +
===[[SSL_Services|SSL-sysmodule]]===
 +
SSLoth was [[3DS_System_Flaws#Standalone_Sysmodules|fixed]].
 +
 
 +
Unknown whether there's other changes.
 +
 
 +
===[[Internet Browser]]===
 +
* Fix for both exploits used in zoogie's browserhax 2020.
 +
* {...}
 +
 
 
===Hotspot list===
 
===Hotspot list===
 
* "nintendo[1-5]", "NCL-NZSERVICE[2-5]", and "nzae200818" removed
 
* "nintendo[1-5]", "NCL-NZSERVICE[2-5]", and "nzae200818" removed
Line 23: Line 44:
 
* [https://yls8.mtheall.com/ninupdates/reports.php?date=2020-11-17_00-00-33&sys=ctr]
 
* [https://yls8.mtheall.com/ninupdates/reports.php?date=2020-11-17_00-00-33&sys=ctr]
 
* [https://yls8.mtheall.com/ninupdates/reports.php?date=2020-11-17_00-00-38&sys=ktr]
 
* [https://yls8.mtheall.com/ninupdates/reports.php?date=2020-11-17_00-00-38&sys=ktr]
 +
 +
[[Category:Firmware Versions]]

Latest revision as of 20:19, 17 March 2021

The Old3DS+New3DS 11.14.0-46 system update was released for all regions on November 17, 2020 (UTC). This Old3DS update was released for the following regions: USA, EUR, JPN, CHN, KOR, and TWN. This New3DS update was released for the following regions: USA, EUR, JPN, CHN, KOR, and TWN.

Security flaws fixed: yes.

Change-log[edit]

Official USA change-log:

  • Further improvements to overall system stability and other minor adjustments have been made to enhance the user experience.

System Titles[edit]

NATIVE_FIRM[edit]

Kernel11[edit]

  • svcBindInterrupt and svcUnbindInterrupt will now only accept to handle Arm11 interrupt 15 (FIQ helper) if its running on development hardware, otherwise 0xD8E007EE is returned:
    • this is because the affected code path in svcUnbindInterrupt is vulnerable to a double-free vulnerability; this change makes it impossible to trigger on consumer hardware
  • When mapping the firmlaunch parameter to the user-specified VA, svcKernelSetState now checks that the provided VA is within the 0x10000000..0x14000000 range (an attacker could previously pass VA=0)
  • The compiler seems to have been upgraded (or the optimization parameters changed)

KIPs[edit]

No changes.

Process9[edit]

The anti-downgrade list has been updated accordingly. No other changes.

Kernel9[edit]

Kernel9 has been updated, presumably it's just a rebuild with the latest sources and toolchain.

Friends-sysmodule[edit]

  • Reported fpdver upgraded to 0xF.

SSL-sysmodule[edit]

SSLoth was fixed.

Unknown whether there's other changes.

Internet Browser[edit]

  • Fix for both exploits used in zoogie's browserhax 2020.
  • {...}

Hotspot list[edit]

  • "nintendo[1-5]", "NCL-NZSERVICE[2-5]", and "nzae200818" removed
  • All remaining SSIDs except "NintendoSpotPass[1-2]" are not Nintendo Zones anymore.

See Also[edit]

System update report(s):