Changes

Jump to navigation Jump to search
509 bytes added ,  11:32, 29 May 2020
CTRSDK Streetpass message stack-smashing
Line 1,198: Line 1,198:  
!  Timeframe this was discovered
 
!  Timeframe this was discovered
 
!  Discovered by
 
!  Discovered by
 +
|-
 +
| [[CECD_Services|CECD]] Streetpass message exheader stack-smashing
 +
| When parsing streetpass messages, "nn::cec::CTR::Message::InputMessage" calls "nn::cec::CTR::Message::SetExHeaderWithoutCalc" for each exheader entry in the input message. The number of entries should not exceed 16 but remains unchecked, leading to a stack-buffer-overflow.
 +
| ROP under any application parsing Streetpass messages
 +
Remote code execution under [[CECD_Services|CECD]]
 +
| [[11.12.0-44]]
 +
|
 +
| 2019
 +
| [[User:Nba_Yoh|MrNbaYoh]]
 
|-
 
|-
 
| [[NWM_Services|UDS]] beacon additional-data buffer overflow
 
| [[NWM_Services|UDS]] beacon additional-data buffer overflow
28

edits

Navigation menu