Changes

27 bytes added ,  22:09, 27 December 2016
m
https://twitter.com/qlutoo/status/813853367999066113
Line 139: Line 139:  
'''Publicly exploited''': No (but easy to exploit)
 
'''Publicly exploited''': No (but easy to exploit)
   −
'''Discovered by''': plutoo, Mrrraou (independently, on October 31th 2016)
+
'''Discovered by''': plutoo (on September 11th, 2015), Mrrraou (independently, on October 31th, 2016)
    
get_process_name (syscall 0x6) does a signed comparison for the pid parameter (r0) and does not check if the pid is negative, which allows an arbitrary 0x20 bytes kernel read to userland memory.
 
get_process_name (syscall 0x6) does a signed comparison for the pid parameter (r0) and does not check if the pid is negative, which allows an arbitrary 0x20 bytes kernel read to userland memory.
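Review bot: in the added '''Discovered by''' line, "October 31th" should read "October 31st"; the error is carried over unchanged from the removed line. The new date for plutoo (September 11th, 2015) is backed only by the tweet URL in the edit summary, so consider citing that link next to the date in the entry itself, where readers of the page can verify it without opening the revision history.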