Home
Abraham Masri releases PoC overflow vulnerability for iOS 11.3

Abraham Masri releases PoC overflow vulnerability for iOS 11.3

March 5, 2018 Jailbreak, News 3 Comments

Although Abraham has left the jailbreak community, he keeps the goodies coming. Here’s a new 0-day vulnerability that the young hacker released today.

How racer#2 PoC overflow vulnerability works

Dubbed racer#2, the latest proof-of-concept vulnerability by hacker Abraham Masri overflows the “securityd” daemon of iOS 11.3.

It gives the attacker complete control over certain registers. However, controlling registers is useless once the PoC hits memcpy().

If the attacker can abort it before hitting memcpy(), the attacker can get unsigned code execution ability.

hacker

Exploiting the racer#2 vulnerability requires a “certain technique”, which Abraham obviously didn’t disclose.

Things will become more clear when Abraham publishes an in-depth write-up for this proof-of-concept in the near future.

How can hackers use racer#2

According to security researcher Siguza, racer#2 could potentially lead to a sandbox escape.

He erroneously presumed that this could also lead to root access and quickly redacted his statement.

The German hacker also pointed out that he will not work on this proof-of-concept anytime soon.

All in all, it’s a very primitive sandbox escape in its present form. 

Where does this leave us?

Don’t get your hopes too high just yet because Apple already knows that this vulnerability exists.

Abraham reported it to Apple on March 4, purportedly as a part of the bug bounty program.

As iOS 11.3 is still in beta, Apple will definitely fix the “racer#2” vulnerability in the “Golden Master” build.

Moreover, jailbreak developers never focus exclusively on beta firmware versions.

liberios

Therefore, this renders this vulnerability absolutely useless for those of you who are using any beta build of iOS 11.3.

Here are some more vulnerabilities that were discovered for iOS 11.2 and above –

For more iOS security news, follow us on Twitter and Facebook.

16 Shares

Related Posts

About The Author

Gian

Gian is the resident jailbreak expert at Yalu Jailbreak. He has been jailbreaking his iPhone since 2010. Best way to catch his attention? Show him a tweak he hasn't installed.

3 Comments

  1. Abubakar April 14, 2018

    It’s not easy to install

    Reply
  2. Frank March 5, 2018

    Does this exploit have in iOS 11.2.6 to iOS 11.2 ?

    Reply
    • iOS Expert March 5, 2018

      Yes, it works apparently but thee’s no official confirmation yet.

      Reply

Leave a Reply

Share via
Facebook
Twitter
LinkedIn
Mix
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap