Editing Vulnerabilities
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 96: | Line 96: | ||
=== PS2 game savedata exploits === | === PS2 game savedata exploits === | ||
See [https://www.psdevwiki.com/ps4/Vulnerabilities# | See [https://www.psdevwiki.com/ps4/Vulnerabilities#Usermode_Exploits_.28Game_Savedata.29]. | ||
=== PS4/PS5 PS2emu sandbox escape (mast1c0re) === | === PS4/PS5 PS2emu sandbox escape (mast1c0re) === | ||
See [https://www.psdevwiki.com/ps4/Vulnerabilities#PS4.2FPS5_PS2emu_sandbox_escape_.28mast1c0re.29 | See [https://www.psdevwiki.com/ps4/Vulnerabilities#PS4.2FPS5_PS2emu_sandbox_escape_.28mast1c0re.29]. | ||
=== PS4/PS5 game savedata LUA exploit === | === PS4/PS5 game savedata LUA exploit === | ||
* Hinted by Flatz on 2024-09-14 in [https://gist.github.com/flatz/5e12f75cdb210516d31df03069f7ed0a his implementation of the umtx UaF kernel exploit]. | |||
* It is guessed that some PS4 or PS5 games can be exploited as they use some LUA interpreter and are attackable by editing their save data. | |||
== PS4 emulator exploits == | == PS4 emulator exploits == | ||
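Review bot: the second bullet under "PS4/PS5 game savedata LUA exploit" ("It is guessed that some PS4 or PS5 games can be exploited...") states a guess without saying whose guess it is, and the first bullet only says the idea was "hinted" in Flatz's gist. Suggest attributing the guess and marking the entry as unconfirmed so readers do not take it for a documented exploit. Also write "Lua" rather than "LUA" in the heading and the bullet, since it is a name and not an acronym.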
Line 155: | Line 157: | ||
* Synacktiv for finding and disclosing publicly the vulnerability (2024-09-04) | * Synacktiv for finding and disclosing publicly the vulnerability (2024-09-04) | ||
* Olivier Certner for fixing the bug (2024-09-04), kib for reviewing the bug fix (2024-09-04), Ed Maste for approving the bug fix commit (2024-09-04) | * Olivier Certner for fixing the bug (2024-09-04), kib for reviewing the bug fix (2024-09-04), Ed Maste for approving the bug fix commit (2024-09-04) | ||
* Shuffle from | * Shuffle from fail0verflow for the FreeBSD 11 and PS5 PoC in C++ (2024-09-14) | ||
* Flatz for writing a PS5 exploit chain with TheFloW's BD-JB2 (2024-09-14) | * Flatz for writing a PS5 exploit chain with TheFloW's BD-JB2 (2024-09-14) | ||
Line 182: | Line 184: | ||
=== Exploit Implementation === | === Exploit Implementation === | ||
* [https://github.com/fail0verflow/ps5-umtxdbg/ C++ implementation for FreeBSD 11 | * [https://github.com/fail0verflow/ps5-umtxdbg/ C++ implementation for FreeBSD 11 and PS5 by Fail0verflow (2024-09-14)] | ||
* [https://gist.github.com/flatz/89dfe9ed662076742f770f92e95e12a7 JAVA implementation for PS5 | * [https://gist.github.com/flatz/89dfe9ed662076742f770f92e95e12a7 JAVA implementation part 1 for PS5 with BD-JB2 by Flatz (2024-09-14)] | ||
* [https://gist.github.com/flatz/5e12f75cdb210516d31df03069f7ed0a | * [https://gist.github.com/flatz/5e12f75cdb210516d31df03069f7ed0a JAVA implementation part 2 for PS5 with BD-JB2 by Flatz (2024-09-14)] | ||
=== Patched === | === Patched === | ||
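Review bot: in the "Exploit Implementation" list the two Flatz entries are labelled "JAVA implementation part 1" and "part 2"; Java is not an acronym, so "Java implementation" is the consistent spelling. The first entry also writes "Fail0verflow" while the credits line in the previous hunk writes "fail0verflow"; pick one spelling of the group name and use it in both places.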
Line 298: | Line 300: | ||
Potentially unpatched. | Potentially unpatched. | ||
= Hardware = | = Hardware = |