3
edits
Changes
Jump to navigation
Jump to search
Line 98:
Line 98: − + − + Line 109:
Line 109: − + +
→boot9: Removed nedwill because nedwill didn't discover any of the two. Also fixed a huge factual mistake I still think is true?
|-
|-
| Incorrect padding check
| Incorrect padding check
| The FIRM signature is using PKCS #1 padding, which mandates that the padding is all 0xFF bytes. This is not checked correctly, because it only checks whether none of the bytes in the padding are 0x00. This allows a signature to be crafted more easily (sighax)
| The signature has a flag byte that determines whether the padding should be checked. This makes you able to bruteforce the padding very easily, as only the flag byte has to be zero.
| N/A
| N/A
| New3DS
| New3DS
| Summer 2015
| Summer 2015
| derrek and/or nedwill
| derrek
|-
|-
| No bound checks inside of ASN.1 parser
| No bound checks inside of ASN.1 parser
| New3DS
| New3DS
| Summer 2015
| Summer 2015
| derrek and/or nedwill
| derrek
|}
|}
=== arm9loader ===
=== arm9loader ===
{| class="wikitable" border="1"
{| class="wikitable" border="1"