You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Recently, ParaLLeL launcher has fixed a bug in its version of its RSP code that allowed N64 code to potentially escape the emulator and perform ACE on the user's computer (see https://www.twitch.tv/videos/2147408942?t=12257s for an example of this escape in action).
Recently, ParaLLeL launcher has fixed a bug in its version of its RSP code that allowed N64 code to potentially escape the emulator and perform ACE on the user's computer (see https://www.twitch.tv/videos/2147408942?t=12257s for an example of this escape in action).
The fix is here: https://gitlab.com/parallel-launcher/parallel-n64/-/commit/fa9e2e08b0c6cde117cb05cc071cdb74a9e90ad2#06a9a5c035040370b6d9d811526d9586179b3176
The equivalent code in Delta's version of the Mupen core, https://github.com/rileytestut/mupen64plus-core/blob/aa9903b5446a9b50b8f5a31f927ca98e5a33a230/src/device/rcp/rsp/rsp_core.c#L58 and https://github.com/rileytestut/mupen64plus-core/blob/aa9903b5446a9b50b8f5a31f927ca98e5a33a230/src/device/rcp/rsp/rsp_core.c#L84, appears to also be vulnerable to this.
I strongly recommend fixing this as soon as possible.