Changes

111 bytes added, 15:28, 3 September 2016
→‎Kernel11: (elaborate)
Line 453: Line 453:  
| Can change the size of free memchunk structures stored in FCRAM using DMA, which leads to the ability to allocate memory chunks over already-allocated memory. This can be used in the SYSTEM region to allocate RW memory over any part of the NS system module, which is enough to take it over.
 
| Can change the size of free memchunk structures stored in FCRAM using DMA, which leads to the ability to allocate memory chunks over already-allocated memory. This can be used in the SYSTEM region to allocate RW memory over any part of the NS system module, which is enough to take it over.
 
| Code execution with access to all of NS's privileges. (including downgrading) Code execution within any applet.
 
| Code execution with access to all of NS's privileges. (including downgrading) Code execution within any applet.
| [[11.0.0-33|11.0.0-X]] (partial)
+
| [[11.0.0-33|11.0.0-X]], via the new [[Memory_Management#MemoryBlockHeader|memchunkhdr]] MAC which prevents modifying memchunkhdr data with DMA.
 
| [[11.0.0-33|11.0.0-X]]
 
| [[11.0.0-33|11.0.0-X]]
 
| April 2015 ?
 
| April 2015 ?
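
Review bot: The replaced fixed-in cell drops the "(partial)" qualifier without saying whether the memchunkhdr MAC closes the issue completely. The old line marked the 11.0.0-X fix as partial, while the new one states only that the MAC "prevents modifying memchunkhdr data with DMA". If some part of the issue is still reachable on 11.0.0-X, keep "(partial)" and say what the MAC does not cover; if the fix is now considered complete, say so explicitly. The unchanged description cell still reads in the present tense ("Can change the size of free memchunk structures stored in FCRAM using DMA"), so a reader cannot tell from the row alone which state applies. Minor style point on the same line: the explanation hangs off the version link after a comma and lacks a comma before "which"; something like "[[11.0.0-33|11.0.0-X]] (via the new memchunkhdr MAC, which prevents modifying memchunkhdr data with DMA)" reads more cleanly.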