Changes

361 bytes added, 03:15, 13 January 2017
no edit summary
Line 469: Line 469:  
!  Timeframe this was discovered
 
!  Timeframe this was discovered
 
!  Discovered by
 
!  Discovered by
 +
|-
 +
| fasthax
 +
| When a KTimer is created in pulse mode, the kernel calls a virtual function to reset the timer each time it pulses. The scheduler is locked for that core to avoid race conditions, but another core can call CloseHandle on the timer and free it, leading to a UAF vtable call.
 +
| See description.
 +
| None
 +
| [[11.2.0-35|11.2.0-X]]
 +
| May 2016
 +
| nedwill
 
|-
 
|-
 
| ipctakeover
 
| ipctakeover
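
Review bot: The third cell of the added fasthax row reads only "See description.", so anyone scanning that column across rows gets no impact statement. Restate the outcome the description already gives (a use-after-free vtable call in the kernel) in that cell. The description could also name the virtual function or object involved in the pulse-mode reset if that is known, since "a virtual function" leaves the reader to look it up. The edit was saved with no edit summary; a short one such as "add fasthax row" would make the page history searchable.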