DSi system flaws
Revision as of 00:11, 19 August 2021 by Hallowizer (→Nintendo SDK: seems like the bug is actually for DS games)
boot1
Summary | Description | Successful exploitation result | Fixed in boot1 version | Discovered | Discovered by |
---|---|---|---|---|---|
Poor System Menu TMD size check | boot1 loads the System Menu's TMD for verification and loading, and it attempts to check the size. However, instead of checking if size > capacity, it checks if size > size, which is always false, resulting in a buffer overflow. | Code execution under boot1 | Unfixed | August 2017 | Nocash |
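
The tautological size check described in the boot1 table above, shown beside a corrected comparison. This is an added example, not boot1 code; the function names, the capacity value and the return codes are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TMD_CAPACITY 0x208u  /* constructed buffer size, not boot1's real value */

/* Models the flawed check: the limit is taken from the size itself,
 * so "size > limit" is "size > size" and never rejects anything. */
static int size_ok_flawed(uint32_t size, uint32_t capacity)
{
    uint32_t limit = size;   /* bug: should be capacity */
    (void)capacity;
    return !(size > limit);
}

/* Corrected check: compare the declared size against the buffer capacity. */
static int size_ok_fixed(uint32_t size, uint32_t capacity)
{
    return !(size > capacity);
}

typedef int (*size_check_fn)(uint32_t size, uint32_t capacity);

/* Returns 0 on success, -1 if the check rejected the size, and -2 if the
 * check accepted a size larger than dst (the copy is skipped so the demo
 * itself stays memory-safe). */
static int load_tmd(uint8_t *dst, uint32_t capacity,
                    const uint8_t *src, uint32_t size, size_check_fn check)
{
    if (!check(size, capacity))
        return -1;
    if (size > capacity)
        return -2;           /* a loader without this guard overflows dst */
    memcpy(dst, src, size);
    return 0;
}

int main(void)
{
    static uint8_t dst[TMD_CAPACITY], src[TMD_CAPACITY * 2];
    printf("flawed, oversized: %d\n", load_tmd(dst, sizeof dst, src, sizeof src, size_ok_flawed));
    printf("fixed,  oversized: %d\n", load_tmd(dst, sizeof dst, src, sizeof src, size_ok_fixed));
    printf("fixed,  in bounds: %d\n", load_tmd(dst, sizeof dst, src, 0x100, size_ok_fixed));
    return 0;
}
```

A literal self-comparison such as `size > size` is reported by the `-Wtautological-compare` warning in GCC and Clang, which makes this class of mistake detectable at build time.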
System Menu
Summary | Description | Successful exploitation result | Discovered | Discovered by |
---|---|---|---|---|
DS games are not patched to verify overlays. | While the System Menu checks all cartridge overlays to prevent unauthorized software, no such check exists when the overlays are actually loaded, despite an MIOS-like patcher being possible to implement. By changing the overlay after it is checked, it is possible to run arbitrary code. | Code execution under any DS game with overlays. | January 2010 | Datel, blasty (by reverse engineering Action Replay) |