The Old3DS+New3DS 11.14.0-46 system update was released for all regions on November 17, 2020 (UTC). This Old3DS update was released for the following regions: USA, EUR, JPN, CHN, KOR, and TWN. This New3DS update was released for the following regions: USA, EUR, JPN, CHN, KOR, and TWN.

Security flaws fixed: yes.

Change-log

Official USA change-log:

  • Further improvements to overall system stability and other minor adjustments have been made to enhance the user experience.

System Titles

NATIVE_FIRM

Kernel11

  • svcBindInterrupt and svcUnbindInterrupt will now only accept to handle Arm11 interrupt 15 (FIQ helper) if its running on development hardware, otherwise 0xD8E007EE is returned:
    • this is because the affected code path in svcUnbindInterrupt is vulnerable to a double-free vulnerability; this change makes it impossible to trigger on consumer hardware
  • When mapping the firmlaunch parameter to the user-specified VA, svcKernelSetState now checks that the provided VA is within the 0x10000000..0x14000000 range (an attacker could previously pass VA=0)
  • The compiler seems to have been upgraded (or the optimization parameters changed)

KIPs

No changes.

Process9

The anti-downgrade list has been updated accordingly. No other changes.

Kernel9

Kernel9 has been updated, presumably it's just a rebuild with the latest sources and toolchain.

Friends-sysmodule

  • Reported fpdver upgraded to 0xF.

SSL-sysmodule

SSLoth was fixed.

Unknown whether there's other changes.

Internet Browser

  • Fix for both exploits used in zoogie's browserhax 2020.
  • {...}

Hotspot list

  • "nintendo[1-5]", "NCL-NZSERVICE[2-5]", and "nzae200818" removed
  • All remaining SSIDs except "NintendoSpotPass[1-2]" are not Nintendo Zones anymore.

See Also

System update report(s):