More FreeBSD Vulnerabilities reported, most likely impact PS4 and PS5
Two “new” FreeBSD vulnerabilities have been spotted by Zecoxao. One of them dates back from 2021, the other is from August this year. This follows another similar finding of a FreeBSD vulnerability earlier this week, indicating hackers are on the hunt for more ways to break into the PS4 and PS5.
Because the Operating systems of PS4 and PS5 are based on FreeBSD, it is likely that FreeBSD exploits also impact these systems. It is however difficult to confirm in general, given that they are black boxes.
Two FreeBSD vulnerabilities that impact the PS4 and PS5
The Vulnerabilities are as follows:
CVE-2021-29626
A particular case of memory sharing is mishandled in the virtual memory system. It is possible and legal to establish a relationship where multiple descendant processes share a mapping which shadows memory of an ancestor process. In this scenario, when one process modifies memory through such a mapping, the copy-on-write logic fails to invalidate other mappings of the source page. These stale mappings may remain even after the mapped pages have been reused for another purpose.
- Advisory
- the patch file indicates that the vulnerability lies in sys/vm/vm_fault.c
CVE-2022-23091
A particular case of memory sharing is mishandled in the virtual memory system.
- Advisory
- the patch file indicates that the vulnerability lies in sys/vm/vm_fault.c
What is the impact for PS4/PS5?
In both cases, the reports states: “An unprivileged local user process can maintain a mapping of a page after it is freed, allowing that process to read private data belonging to other processes or the kernel.”
Zecoxao stated that both infoleaks have been confirmed as still existing on both PS4 and PS5
the infoleaks still exist on ps4 and ps5, confirmed by keys friend
— Control_eXecute (@notzecoxao) December 3, 2022
This is good news as such vulnerabilities can be used in a larger exploit chain, but as he states, arbitrary Read/Write would be better.
As always, these vulnerabilities are not useful to end users, but might be of interest to hackers with the right set of tools, in order to make additional progress on a potential Jailbreak, for either the PS4/PS5. Only time will tell us if these turned out to be useful or not.
Source: Zecoxao
Firstus doesn’t care about any of this, he owns an xsx with 77tb ssd and an elite controller that boosts fps
it doesn’t matter since wololo moderates commets
That’s true. For what it’s worth, I generally approve all comments unless they are insulting, full of slurs, obvious spam, or simply illegal
long term lurker, second time poster – amazing work guys keep it up, i get all my hacking news/general scene news from you all. Thanks for the work!