Editing Vulnerabilities
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 186: | Line 186: | ||
Advantages of the PS4/PS5 PS2emu sandbox escape exploit over most WebKit exploits: | Advantages of the PS4/PS5 PS2emu sandbox escape exploit over most WebKit exploits: | ||
* Bigger kernel attack surface (more usermode privileges) versus WebKit very restricted and becoming more and more with firmware revisions. For example, the PS2emu process uses libkernel_sys, which supports nmount and so | * Bigger kernel attack surface (more usermode privileges) versus WebKit very restricted and becoming more and more with firmware revisions. For example, the PS2emu process uses libkernel_sys, which supports nmount and so mount of system partitions, whilst neither libkernel_web nor regular libkernel do. | ||
* 100% reliable versus WebKit exploits becoming less and less stable with firmware revisions | * 100% reliable versus WebKit exploits becoming less and less stable with firmware revisions | ||
* Firmware agnostic (ROP-less code execution) versus almost one WebKit revision every three firmware update | * Firmware agnostic (ROP-less code execution) versus almost one WebKit revision every three firmware update | ||
Line 208: | Line 208: | ||
==== Patched ==== | ==== Patched ==== | ||
'''No''' as of PS4 FW 11. | '''No''' as of PS4 FW 11.00 and PS5 FW 8.00. Using the game Okage Shadow King, the exploit should work starting from PS4 FW 3.15 and PS5 FW 1.00. | ||
=== PS4/PS5 game savedata LUA exploit === | === PS4/PS5 game savedata LUA exploit === |