Arbitrary kernel read/write access has just been achieved on iOS 11.3 firmware. Here’s what this means for the jailbreak community.
Min Zheng gains kernel read/write access on iOS 11.3
Alibaba hacker Min Zheng has been single-handedly pwning Apple’s latest firmware versions lately.
Today, the Chinese hacker successfully broke into the most secure component of iOS: the kernel. A kernel exploit is the most important piece of the jailbreak puzzle.
Here’s what he posted on his Twitter handle.
Well, break KASLR and gain arbitrary kernel R/W on iOS 11.3: pic.twitter.com/bTpDclgE49
— Min(Spark) Zheng (@SparkZheng) April 11, 2018
The image above depicts the KASLR protection being defeated and read and write commands executed in the kernel.
Previously, Min successfully discovered an old kernel bug in iOS 11.3. He apparently utilized the same bug to gain arbitrary read/write access this time around.
What does this mean for the jailbreak community?
In a first, Min Zheng confirms that his team will disclose the aforementioned vulnerability to Apple.
Make no mistake, Zheng still hasn’t clarified whether or not the vulnerability will ever go public.
According to him, his team has submitted its iOS 11.3 kernel exploitation techniques to a conference.
If the said conference approves their submission, which it likely will, the Alibaba Security Team will report it to Apple.
For those who don’t know, Apple allows participants in its Bug Bounty program to publicly release their vulnerabilities.
But here’s the catch – you can only do so when Apple releases a patch and stops signing the affected firmware version.
I recommend staying on iOS 11.3 if you are already on that version. As far as iOS 11.2.6 is concerned, try to stick with it until a promising exploit drops.
If you are unsure as to which version is right for you, just leave a comment below. I will be happy to help you out.
Hi,
How can I stop my iPhone from updating itself automatically?
Download the tvOS beta profile and install it.
Hello, I do not understand it all … yesterday or the day before, saurik participated in a conference, is that right? But what did he say about Cydia and Cydia Substrate? Was he talking about his update?
No, he didn’t talk about a jailbreak at all. He was just defending jailbreak so it doesn’t become illegal.
I am on 11.2. Should I upgrade to 11.3, or is it possible to upgrade to 11.2.2 using SHSH2 blobs?
You should stay where you are for now.
Hi, I’m on 11.2.2. Should I stay or upgrade?
Stay.
I’m on 11.2.5. Should I update to 11.2.6 or 11.3, or stay where I am? Thank you
Stay where you are.
Do you know what version of iOS 11 the iPhone 8 Plus Product Red will ship with? I am hoping it will be at least 11.1.2 so that I can jailbreak it. Thank you!
No, it won’t ship with iOS 11.1.2. It will ship with iOS 11.2.2 or above versions.
Hi, I’m on 11.2.6. Should I stay here if I want a future jailbreak, or is iOS 11.3 better? Thanks 🙂
Yes, I suggest staying for now. There’s plenty of time to update as Apple won’t be closing 11.3 anytime soon.
I am on iOS 11.2.1. Should I stay?
Yes, you should.