Renowned hacker Chris Wade just published a new kernel proof of concept for iOS 11.2.6. Here’s why this release is important for the jailbreak community.
Chris Wade makes iOS 11.2.6 kernel PoC public
Chris Wade just open-sourced his proof of concept for the CVE-2018-4150 kernel vulnerability.
According to iOS 11.3’s security notes, this bug allows malicious applications to execute unsigned code with kernel privileges. It affects iPhone 5s and later, iPad Air and later, and iPod touch 6th generation.
Chris published this bug on Twitter with a Pastebin link pointing to his proof of concept that triggers the vulnerability.
Here you go https://t.co/hld613X4b0
— Chris Wade (@cmwdotme) May 8, 2018
Unfortunately, Apple patched this bug in iOS 11.3, which is also the reason why Chris made it public.
iOS is now more secure than ever and no one is willing to blow a vulnerability for free.
Though it is compatible with all versions older than iOS 11.2.6, it’s relevant only up till iOS 11.2. All firmware versions older than iOS 11.1.2 already have a stable semi-untethered jailbreak.
Moreover, iOS 11-11.1.2 can no longer upgrade to iOS 11.2.6 as iOS 11.3.1 SEP isn’t compatible with iOS 11.2.6.
When is a jailbreak coming?
Coolstar has already mentioned that Electra can work with iOS 11.2-11.2.6 if he gets his hands on a kernel exploit.
This vulnerability might just lead to a complete exploit that he might use in the future.
Judging by his last tweet, he may well be working on an Electra jailbreak port for iOS 11.2 and above.
11.2-11.2.6 users, stay on your current firmware! https://t.co/x6nDm5Mit5
— CoolStar (@coolstarorg) May 8, 2018
However, German hacker Siguza remarked that this is just a proof of concept and doesn’t perform any actual pwning as of now.
No matter what happens, just stay on iOS 11.2.6 or below if you wish to own a jailbroken device.
Could we combine this exploit with the older Bluetooth app?
Yes, it could be done but no progress has been made thus far.