119
edits
Changes
Jump to navigation
Jump to search
Line 74:
Line 74: − |- − | FIRM partitions known-plaintext − | The [[Flash_Filesystem|FIRM partitions]] are encrypted with AES-CTR without a MAC. Since this works by XOR'ing data with a static (per-console in this case) keystream, one can deduce the keystream of a portion of each FIRM partition if they have the actual FIRM binary stored in it. − − This can be paired with many exploits. For example, it allows minor FIRM downgrades (i.e. 10.4 to 9.6 or 9.5 to 9.4, but not 9.6 to 9.5). − However it is most commonly used to install arbitrary FIRMs (usually boot9strap), thanks to sighax. − − This can be somewhat addressed by having a FIRM header skip over previously used section offsets, but this would just air-gap newer FIRMs without fixing the core bug. This can also only be done a limited number of times due to the size of FIRM versus the size of the partitions. − | None − | New3DS − | − | Everyone Line 99:
Line 87: − |- − | Boot9 AES keyinit function issues − | [[Bootloader|Boot9]] seems to have two bugs in the AES key-init function, see [[AES_Registers#AES_key-init|here]]. − | None − | BootROM issue. − | 2015 − | [[User:Yellows8|Yellows8]] Line 114:
Line 95: + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
→System flaws: Moved some Hardware flaws to a new Boot ROM section
| February 2015
| February 2015
| [[User:Yellows8|Yellows8]], [[User:Plutooo|plutoo]]
| [[User:Yellows8|Yellows8]], [[User:Plutooo|plutoo]]
|-
|-
| RSA keyslots don't clear exponent when setting modulus
| RSA keyslots don't clear exponent when setting modulus
| March 2016
| March 2016
| [[User:Myria|Myria]]
| [[User:Myria|Myria]]
|-
|-
| [[CONFIG11_Registers#CFG11_GPUPROT|CFG11_GPUPROT]] allowing acccess to AXIWRAM/FCRAM-BASE-memregion
| [[CONFIG11_Registers#CFG11_GPUPROT|CFG11_GPUPROT]] allowing acccess to AXIWRAM/FCRAM-BASE-memregion
| New3DS
| New3DS
| February 7, 2017
| February 7, 2017
| [[User:Yellows8|Yellows8]]
|}
== Boot ROM ==
{| class="wikitable" border="1"
! Summary
! Description
! Fixed with hardware model/revision
! Newest hardware model/revision this flaw was checked for
! Timeframe this was discovered
! Discovered by
|-
| FIRM partitions known-plaintext
| The [[Flash_Filesystem|FIRM partitions]] are encrypted with AES-CTR without a MAC. Since this works by XOR'ing data with a static (per-console in this case) keystream, one can deduce the keystream of a portion of each FIRM partition if they have the actual FIRM binary stored in it.
This can be paired with many exploits. For example, it allows minor FIRM downgrades (i.e. 10.4 to 9.6 or 9.5 to 9.4, but not 9.6 to 9.5).
However it is most commonly used to install arbitrary FIRMs (usually boot9strap), thanks to sighax.
This can be somewhat addressed by having a FIRM header skip over previously used section offsets, but this would just air-gap newer FIRMs without fixing the core bug. This can also only be done a limited number of times due to the size of FIRM versus the size of the partitions.
| None
| New3DS
|
| Everyone
|-
| Boot9 AES keyinit function issues
| [[Bootloader|Boot9]] seems to have two bugs in the AES key-init function, see [[AES_Registers#AES_key-init|here]].
| None
| BootROM issue.
| 2015
| [[User:Yellows8|Yellows8]]
| [[User:Yellows8|Yellows8]]
|-
|-