Sigh... I'll have to correct myself again. Apparently, firmware 3.0.1 still has WebKit 534.52!
After updating and noticing this, I decided to dig a bit through logs and code to come up with a reliable layout for the WebKit updates:
Code:
2.0.0 -> Version: 0x08 (534.52)
2.1.0 -> Version: 0x14 (534.52)
3.0.0 -> Version: 0x31 (534.52)
4.0.0 -> Version: 0x59 (536.28)
4.1.0 -> Version: 0x66 (536.28)
5.0.0 -> Version: 0x71 (536.28)
5.1.1 -> Version: 0x82 (536.28)
5.3.0 -> Version: 0xB1 (536.28)
5.3.1 -> Version: 0xC1 (536.28)
As you can see, Nintendo only updated the WebKit base version on firmware 4.0.0.
Fail0verflow's presentation confirms this when you take into account that it took place December 2013 and
comex mentions Nintendo having updated WebKit a few months ago (that update was 4.0.0 on October 2013).
Anyway, as expected, the bug still doesn't work on firmware 3.0.1 and it only works on firmware 4.0.0 and higher. To the end user, this is yet another reason to update to 5.3.2 as soon as possible.
To me, this means I won't be able to test the bug on my own unit without updating to 4.0.0, so I will leave it at 3.0.1 and port the use-after-free bug instead. This way I can still use it for the IOSU exploit and to dump the keys.