Editing Vulnerabilities
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 259: | Line 259: | ||
== SMAP bypass (CVE-2021-29628) == | == SMAP bypass (CVE-2021-29628) == | ||
See also [https://www.psdevwiki.com/ps4/Vulnerabilities#Kernel_SMAP | See also [https://www.psdevwiki.com/ps4/Vulnerabilities#Kernel_SMAP]. | ||
=== Credits === | === Credits === | ||
Line 267: | Line 267: | ||
=== Analysis === | === Analysis === | ||
* [https:// | * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29628 CVE-2021-29628 (FreeBSD SMAP bypass) by m00nbsd] | ||
* [https://hackerone.com/reports/1048322 CVE-2021-29628 (PS5 SMAP bypass) by m00nbsd] | |||
* [https:// | |||
=== Bug Description === | === Bug Description === | ||
A SMAP bypass has been found by m00nbsd while working on FreeBSD 12. It is named CVE-2021-29628 and affects FreeBSD 12.2 and later (til it was patched). It does not work on PS4 because PS4 kernel is based on FreeBSD 9 which did not contain the vulnerability and because PS4 SMAP does not come from FreeBSD but is custom from Sony. It used to work on PS5 before it was disclosed and patched. | |||
=== Patched === | === Patched === | ||
Line 311: | Line 309: | ||
= Hypervisor = | = Hypervisor = | ||
== <=2.50 - Hypervisor integrated as part of the kernel binary == | == <=2.50 - Hypervisor integrated as part of the kernel binary == |