Ian Beer releases kernel info leak and UaF bugs for iOS 11.4-11.4.1

A few hours back, Ian Beer publicly released his iOS 11.4 exploits as promised. Here’s why these bugs are important and how they can help us achieve a jailbreak on iOS 11.4 and above.

Sandbox escape and kernel exploits for iOS 11.4-11.4.1

Project Zero security researcher Ian Beer has finally made public the kernel info leak and UaF bugs.

The ace hacker posted an in-depth write-up, Deja XNU, comparing the exploitation techniques used in 2014 by Team Pangu. He also delves into what the future of iOS security research will look like.

Apart from the bugs mentioned above, Beer has also released multiple kernel and sandbox escape exploits.

Unfortunately, the sandbox escape only grants the attacker code execution privilege in the backboardd daemon, which runs as mobile, not root.

When will iOS 11.4.1 jailbreak be released?

Unfortunately, these bugs are not powerful enough for an iOS 11.4.1 jailbreak on their own. However, they could possibly become useful, when used in conjunction with other public exploits, in the future.

According to Jake James, we would first need to make Brandon’s exploit work on iOS 11.4 and then chain them together to gain root access on it. Simply utilizing Jonathan Levin’s QiLin jailbreak toolkit in the post-exploitation phase won’t cut it.

iOS 11.4.1, on the other hand, will require root to make Ian’s bugs work.

iOS 11.4.1 jailbreak

Further, Project Zero hackers usually wait for Apple to unsign the vulnerable operating system version before making bugs public. This severely affects the level of interest users give to that firmware.

Regardless, this is great news for users who held back from upgrading to iOS 12. Your decision to stick with iOS 11.4 or 11.4.1 might just pay off very soon!

Which firmware are you using right now? Post your version number below.

6 Comments

  1. Abouelenein October 21, 2018
  2. InFaMu5 October 20, 2018
  3. frank October 20, 2018
    • Gian October 20, 2018
    • InFaMu5 October 20, 2018
    • Ian Beer November 3, 2018

Leave a Reply

Share21
Tweet