Bad news for Jailbreakers.
We have just got a confirmation that Apple has indeed fixed the vulnerability in iOS 5.1 that was used in the Absinthe jailbreak for iPhone 4S and iPad 2 on iOS 5.0.1 or iOS 5. Apple has given the "2012 iOS Jailbreak Dream Team" credit for discovering the vulnerability in the document that provides details about the security issues that have been fixed in iOS 5.1.
Kernel
Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2
Impact: A malicious program could bypass sandbox restrictions
Description: A logic issue existed in the handling of debug system calls. This may allow a malicious program to gain code execution in other programs with the same user privileges.
CVE-ID
CVE-2012-0643 : 2012 iOS Jailbreak Dream Team
Apple has also credited pod2G for the HFS vulnerability, we're not sure if this was the one used in the Corona jailbreak for iPhone 4, iPhone 3GS, iPod touch 4g, iPod touch 3G and iPad 1.
HFS
Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Mounting a maliciously crafted disk image may lead to a device shutdown or arbitrary code execution
Description: An integer underflow existed with the handling of HFS catalog files.
CVE-ID
CVE-2012-0642 : pod2g
pod2G had almost confirmed this earlier today when he tweeted that he was working hard to find a vulnerability in iOS 5.1 for an untethered jailbreak.
It remains to be seen how long it will take the brilliant jailbreak dream team to release an untethered jailbreak for iOS 5.1.
If you're still on iOS 5.0.1 or ealier then it is recommended to avoid updating to iOS 5.1 until the jailbreak tools for iOS 5.1 are released.
No comments:
Post a Comment