The public release of iOS 9 is coming, but this is not good news for jailbreakers, as Apple has patched all known jailbreak exploits in iOS 9. Last month, the Pangu jailbreak team demonstrated an iOS 8.4.1 jailbreak at HackPWN 2015, but they did not release a new version of their jailbreak tool because they were waiting to see whether those vulnerabilities also existed in iOS 9; if they did, Pangu would proceed to build a jailbreak tool for iOS 9. In reality, Apple patched them, so we will have to wait longer for a new jailbreak.
On Tuesday, the Pangu jailbreak team published a blog post outlining some of the details about what they used to exploit the kernel in iOS 8.4.1.
In this blog, we will disclose 3 vulnerabilities in this kernel extension on the latest public iOS (version 8.4.1). …
- 1st – Stack overflow bug in the function for selector 7
- 2nd – Out-of-bound memory access bug in the function for selector 14
- 3rd – Heap overflow bug in the function for selector 12
Pangu notes that Apple’s code in “com.apple.driver.AppleHDQGasGaugeControl” isn’t of very high quality and was very easy for the team to exploit. One of the bugs even gives the Pangu jailbreak team the ability to gain code execution in the kernel itself; this one is described as a “perfect heap overflow” vulnerability.
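The three bug classes Pangu lists (stack overflow, out-of-bound access, heap overflow in the handlers for selectors 7, 14 and 12) all come down to a missing bounds check between caller-controlled input and a fixed-size destination. The sketch below is a constructed C illustration added here, not Apple's driver code or anything from Pangu's post: an IOKit userclient-style external-method dispatcher where each selector's handler carries the check whose absence would produce the bug class the post names for that selector. The selector numbers come from the post; the handler behaviour, buffer sizes, table layout and return codes are assumptions.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed illustration (not Apple's or Pangu's code) of an IOKit
 * userclient-style external-method dispatcher. Selector numbers 7, 12 and 14
 * are taken from the Pangu post; handler behaviour, buffer sizes and return
 * codes are assumptions. Each handler shows the bounds check whose absence
 * produces the bug class the post names for that selector. */

#define SEL_STACK_COPY   7   /* post: stack overflow      */
#define SEL_HEAP_COPY   12   /* post: heap overflow       */
#define SEL_TABLE_READ  14   /* post: out-of-bound access */

#define SCRATCH_LEN  16      /* assumed fixed stack buffer size */
#define TABLE_LEN     8      /* assumed per-client table length */

enum { RET_OK = 0, RET_BAD_ARG = -1, RET_UNSUPPORTED = -2 };

typedef struct {
    uint8_t  *heap_buf;          /* allocated when the client opens, heap_cap bytes */
    size_t    heap_cap;
    uint16_t  table[TABLE_LEN];  /* small per-client lookup table */
} client_t;

/* Selector 7: caller data is copied into a fixed stack buffer. Without the
 * length check, input longer than SCRATCH_LEN overruns the stack frame. */
static int sel_stack_copy(client_t *c, const uint8_t *in, size_t in_len, uint32_t *sum) {
    uint8_t scratch[SCRATCH_LEN];
    (void)c;
    if (!in || in_len > sizeof scratch) return RET_BAD_ARG;   /* the check that must exist */
    memcpy(scratch, in, in_len);
    uint32_t s = 0;
    for (size_t i = 0; i < in_len; i++) s += scratch[i];      /* stand-in for real work */
    *sum = s;
    return RET_OK;
}

/* Selector 14: caller supplies an index into a small per-client table. Without
 * the range check the read walks past the table (out-of-bound access). */
static int sel_table_read(client_t *c, const uint8_t *in, size_t in_len, uint32_t *value) {
    if (!in || in_len < sizeof(uint32_t)) return RET_BAD_ARG;
    uint32_t idx;
    memcpy(&idx, in, sizeof idx);
    if (idx >= TABLE_LEN) return RET_BAD_ARG;                 /* the check that must exist */
    *value = c->table[idx];
    return RET_OK;
}

/* Selector 12: caller data is copied into a heap buffer sized at client open.
 * Without the capacity check, oversized input overwrites whatever the
 * allocator placed after the buffer (heap overflow). */
static int sel_heap_copy(client_t *c, const uint8_t *in, size_t in_len, uint32_t *written) {
    if (!in || !c->heap_buf || in_len > c->heap_cap) return RET_BAD_ARG; /* the check that must exist */
    memcpy(c->heap_buf, in, in_len);
    *written = (uint32_t)in_len;
    return RET_OK;
}

/* Dispatcher: routes by selector number, the way externalMethod() does in a
 * userclient. Unknown selectors are rejected rather than silently handled. */
int external_method(client_t *c, uint32_t selector, const uint8_t *in, size_t in_len, uint32_t *out) {
    if (!c || !out) return RET_BAD_ARG;
    switch (selector) {
    case SEL_STACK_COPY:  return sel_stack_copy(c, in, in_len, out);
    case SEL_TABLE_READ:  return sel_table_read(c, in, in_len, out);
    case SEL_HEAP_COPY:   return sel_heap_copy(c, in, in_len, out);
    default:              return RET_UNSUPPORTED;
    }
}

/* Client lifecycle helpers so the dispatcher can be exercised stand-alone. */
client_t *client_open(size_t heap_cap) {
    client_t *c = calloc(1, sizeof *c);
    if (!c) return NULL;
    c->heap_buf = malloc(heap_cap);
    if (!c->heap_buf) { free(c); return NULL; }
    c->heap_cap = heap_cap;
    for (int i = 0; i < TABLE_LEN; i++) c->table[i] = (uint16_t)(100 + i);
    return c;
}

void client_close(client_t *c) {
    if (c) { free(c->heap_buf); free(c); }
}
```

The point of the sketch is that every handler validates the caller-supplied length or index against the size of the destination it actually owns before touching memory; the dispatcher itself cannot do this, because only the handler knows its buffer sizes. Reviewing each selector's handler for exactly this check is the practical way to audit a kext's external-method table for the classes Pangu describes.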