Min Zheng discovers old kernel vulnerability in iOS 11.3

Min Zheng has just made a startling revelation on Twitter. The hacker claims that an old kernel vulnerability is still alive on iOS 11.3 firmware.

Old kernel bug survives iOS 11.3

Min Zheng aka Spark, a member of the Alibaba security team, has discovered a new kernel vulnerability in iOS 11.3.

The aforementioned kernel bug, surprisingly, is rather old and seems to have survived Apple’s renewed onslaught, wherein 45 bugs were patched.

This indicates that iOS 11.2.6 and older versions are also vulnerable to this bug.

Here’s what Zheng posted on his Twitter handle.

There’s no write-up pertaining to this bug available publicly right now. Apparently, this bug allows the attacker to execute unsigned code with kernel privileges.

What does this mean for you?

This only means one thing – Apple’s latest mobile operating system still has a wide enough attack surface.

While there’s no guarantee that this bug will go public, there’s a slight chance that Zheng might release it in the future. As of now, we only have two bugs, including this bug, that are compatible with the latest stable build of iOS.

No matter what happens, you should keep your device prepped up for a future jailbreak or semi-jailbreak release.

I highly recommend saving SHSH Blobs for iOS 11.3 firmware if you haven’t already. This will ensure your device will be eligible for any updates to iOS 11.3 should a jailbreak drop somewhere along the line.
