The issue is NOT that the vulnerability was patched, but the fact the memory addresses in use on 5.1+ are different, and they need to determine how much padding they need to align their injected code into the proper memory address that will be blindly executed by the 3DS. Gateway pretty much confirmed that the vulnerability hadn't been patched by Nintendo in all firmwares that were currently released (up until 6.2). Unfortunately, it is a needle in a haystack trying to find the proper memory address that needs to be rewritten to