3dbrew

Changes

3DS Userland Flaws (edit)

Revision as of 18:09, 1 October 2017

719 bytes added ,  18:09, 1 October 2017
Pokemon Omega Ruby/Alpha Sapphire
Line 168: Line 168:  
| August 29, 2017
 
| August 29, 2017
 
| August, 2017
 
| August, 2017
 +
| [[User:Nba_Yoh|MrNbaYoh]]
 +
|-
 +
| Pokemon Omega Ruby/Alpha Sapphire
 +
| PSS data heap/stack overflow
 +
| When launching the game, multiple chunks from the save file are parsed and copied to a large heap buffer. When parsing PSS data (acquaintances, passerby) the game copies each entry to the heap buffer, the number of entries to copy is read from the end of the multiple pss data chunks and is not checked, leading to an overflow. The "PSS data - friends" chunk is vulnerable too, but the overflow occurs on the stack and unfortunately this isn't exploitable because of a 4 bytes uncontrolled value (in each entry) that gets written on sensitive data.
 +
| None
 +
| App: 1.4. System: [[11.6.0]].
 +
| October 1, 2017
 +
| June, 2016
 
| [[User:Nba_Yoh|MrNbaYoh]]
 
| [[User:Nba_Yoh|MrNbaYoh]]
 
|}
 
|}
Nba Yoh
28

edits

Retrieved from "https://www.3dbrew.org/wiki/Special:MobileDiff/20368"