Changes

14 bytes added ,  21:24, 9 March 2015
Line 30: Line 30:  
=== [[TWL_FIRM]] ===
 
=== [[TWL_FIRM]] ===
 
==== Process9 ====
 
==== Process9 ====
 +
 +
=== [[FIRM]] Process9 ===
 
{| class="wikitable" border="1"
 
{| class="wikitable" border="1"
 
|-
 
|-
Line 40: Line 42:  
!  Discovered by
 
!  Discovered by
 
|-
 
|-
| TWL RSA signature padding checks
+
| RSA signature padding checks
 
| The TWL_FIRM RSA sig padding check code used for all TWL RSA sig-checks has issues, see [[FIRM|here]].
 
| The TWL_FIRM RSA sig padding check code used for all TWL RSA sig-checks has issues, see [[FIRM|here]].
 +
The main 3DS RSA padding check code(non-certificate) uses the function used with the above to extract PKCS padding + the actual hash from the message. This is not an issue when it's verifying signatures *where* the attacker *doesn't* have the private key for the input modulus.
 
|  
 
|  
 
| None
 
| None
| Old3DS: [[6.2.0-12]]. New3DS: [[8.1.0-0_New3DS]]
+
| [[9.5.0-22|9.5.0-X]]
|  
+
| March 2015
 
| [[User:Yellows8|Yellows8]]
 
| [[User:Yellows8|Yellows8]]
|}
  −
  −
=== [[FIRM]] Process9 ===
  −
{| class="wikitable" border="1"
  −
|-
  −
!  Summary
  −
!  Description
  −
!  Successful exploitation result
  −
!  Fixed in [[FIRM]] system version
  −
!  Last [[FIRM]] system version this flaw was checked for
  −
!  Timeframe this was discovered
  −
!  Discovered by
   
|-
 
|-
 
| Uncleared New3DS keyslot 0x11
 
| Uncleared New3DS keyslot 0x11