Coldboot Exploit for Tegra Devices Disclosed (NINTENDO SWITCH IS NOT VULNERABLE)

Discussion in 'User Submitted News' started by Essasetic, Jul 9, 2019.

  1. Essasetic
    OP

    Essasetic Your Local TX Fanboy Rebirth

    Member
    11
    Jun 16, 2018
    United Kingdom
    There is currently a coldboot exploit out in the wild for devices that have the line of Nvidia Tegra processors.
    The vulnerability was disclosed by Twitter and GitHub user "@balika011" after Nvidia had weirdly ignored the bug since its discovery in March.

    The bug works by:
    So devices that are vulnerable are the ones that have nvtboot (like the Nvidia Shield Android TV). Unfortunately, the Nintendo Switch does not have nvtboot, thus it is not vulnerable to the bug.

    Still a very interesting case of NVIDIA ignoring a bug.

    Source: https://github.com/balika011/selfblow
     
  2. Essasetic
    OP

    Essasetic Your Local TX Fanboy Rebirth

    Member
    11
    Jun 16, 2018
    United Kingdom
    Ack. Spelling error in the title. Can a mod/admin fix the misspelling of "vulnerable" please? Thanks!

    EDIT: Thank you.
     
    Last edited by Essasetic, Jul 10, 2019
    H1B1Esquire, SonyUSA and Lacius like this.
  3. PRAGMA

    PRAGMA GBAtemp Addict

    Member
    13
    Dec 29, 2015
    Ireland
    127.0.0.1
    Saw this on Twitter, got my hopes up haha.
    Still, very good news for Shield TV owners :)
     
    Essasetic likes this.
  4. leafeon34

    leafeon34 Expecto Patronum!

    Member
    11
    Sep 30, 2014
    United Kingdom
    AzkaBANNED.
    It would be more accurate to say “overlooking a bug”. I don’t think NVIDIA noticed this bug and ignored it.
     
  5. AbyssalMonkey

    AbyssalMonkey GBAtemp Fan

    Member
    6
    Jun 5, 2013
    Antarctica
    Prox
    Typically people alert companies under responsible disclosure to give the company time to fix the exploit. They then reveal it afterwards to announce to the public that their devices are vulnerable.

    It's almost certain that NVidia ignored it or it got buried in emails.
     
    Essasetic likes this.
  6. ganons

    ganons GBAtemp Addict

    Member
    8
    Jun 12, 2005
    How would they exactly benefit? You can already do everything on shield TV without any hax anyway.
     
  7. reminon

    reminon GBAtemp Fan

    Member
    5
    Feb 7, 2016
    United States
    Custom open source bootloaders? It destroys secureboot. Right now if an update screws everything up we are stuck with the new update with no way to properly downgrade. Especially if it messes up custom recoveries ("twrp") like Nvidia has been known to do in the past.

    A custom bootloader could allow us to boot from other mediums like USB. Allow us to properly load Linux. Take full control of the device without having to worry about efuses having us stuck in PROD mode. All of that and more, not to mention it's coldboot instead of having to rely on shofel2 or fusee.
     
    Ryccardo likes this.
  8. chrisrlink

    chrisrlink Intel Pentium III Hamster inside

    Member
    9
    Aug 27, 2009
    United States
    inside your crappy old PC
    Nintendo must've known; why else would they not use it even on a Tegra device such as the Switch?
     
  9. reminon

    reminon GBAtemp Fan

    Member
    5
    Feb 7, 2016
    United States
    I think it's more along the lines of the Switch's custom bootloader, which is completely different than nvboot "the bootloader used in other Tegra devices".

    They chose to use a proprietary bootloader tailored for the switch for security, and they wouldn't need any or all of the nvboot features.
     