Difference between revisions of "11.14.0-46"

From 3dbrew
Jump to navigation Jump to search
(Full diff →‎NATIVE_FIRM)
Line 7: Line 7:
 
==System Titles==
 
==System Titles==
 
===NATIVE_FIRM===
 
===NATIVE_FIRM===
* Kernel11 was updated, svcBindInterrupt will now only bind to ARM11 interrupt 15(fiq related) if its running on debug hardware, otherwise 0xD8E007EE is returned.
+
====Kernel11====
 +
* svcBindInterrupt and svcUnbindInterrupt will now only accept to handle Arm11 interrupt 15 (FIQ helper) if its running on development hardware, otherwise 0xD8E007EE is returned:
 +
** this is because the affected code path in svcUnbindInterrupt is vulnerable to a double-free vulnerability; this change makes it impossible to trigger on consumer hardware
 +
* When mapping the firmlaunch parameter to the user-specified VA, svcKernelSetState now checks that the provided VA is within the 0x10000000..0x14000000 range (an attacker could previously pass VA=0)
 +
* The compiler seems to have been upgraded (or the optimization parameters changed)
 +
====KIPs====
 +
No changes.
 +
====Process9====
 +
The anti-downgrade list has been updated accordingly. No other changes.
 +
====Kernel9====
 +
Kernel9 has been updated, presumably it's just a rebuild with the latest sources and toolchain.
  
 
===Friends driver===
 
===Friends driver===

Revision as of 01:04, 17 December 2020

The Old3DS+New3DS 11.14.0-46 system update was released for all regions on November 17, 2020. This Old3DS update was released for the following regions: USA, EUR, JPN, CHN, KOR, and TWN. This New3DS update was released for the following regions: USA, EUR, JPN, CHN, KOR, and TWN.

Change-log

Official USA change-log:

  • TBD

System Titles

NATIVE_FIRM

Kernel11

  • svcBindInterrupt and svcUnbindInterrupt will now only accept to handle Arm11 interrupt 15 (FIQ helper) if its running on development hardware, otherwise 0xD8E007EE is returned:
    • this is because the affected code path in svcUnbindInterrupt is vulnerable to a double-free vulnerability; this change makes it impossible to trigger on consumer hardware
  • When mapping the firmlaunch parameter to the user-specified VA, svcKernelSetState now checks that the provided VA is within the 0x10000000..0x14000000 range (an attacker could previously pass VA=0)
  • The compiler seems to have been upgraded (or the optimization parameters changed)

KIPs

No changes.

Process9

The anti-downgrade list has been updated accordingly. No other changes.

Kernel9

Kernel9 has been updated, presumably it's just a rebuild with the latest sources and toolchain.

Friends driver

  • Reported version upgraded to 0xF

SSL driver

  • TBD, possibly TLS 1.3 support and/or an update to root certificates.

Internet Browser

  • Fix for both exploits used in zoogie's browserhax 2020
  • TBD, possibly TLS 1.3 support and/or an update to root certificates.

Hotspot list

  • "nintendo[1-5]", "NCL-NZSERVICE[2-5]", and "nzae200818" removed
  • All remaining SSIDs except "NintendoSpotPass[1-2]" are not Nintendo Zones anymore.

See Also

System update report(s):