Pangu Details Kernel Vulnerabilities in iOS 8.4.1

Pangu has posted some details on kernel vulnerabilities discovered in iOS 8.4.1's AppleHDQGasGaugeControl that were likely used to demonstrate a jailbreak of the firmware.

When auditing the iOS kernel executable, we found that the code quality of com.apple.driver.AppleHDQGasGaugeControl is very bad. In this blog, we will disclose 3 vulnerabilities in this kernel extension on the latest public iOS (version 8.4.1). More importantly, one of these bugs is a perfect heap overflow vulnerability that allows us to defeat all kernel mitigations and gain code execution in the kernel, just by exploiting this single vulnerability.

Unfortunately, the team has already confirmed that the vulnerabilities cannot be triggered inside the container sandbox and that the 2nd and the 3rd bugs are already fixed in iOS 9 beta 5.

Read More [via iH8sn0w]


JoshvanHulst - September 9, 2015 at 4:13pm
I hope they can penetrate the kernel. Definitely wanting a jailbreak soon
Jesus Christ - September 9, 2015 at 12:39am
Posting*. God damnit.
Vallybrat - September 8, 2015 at 8:11pm
Since using Pangu jailbreak there's been vulnerability hummmmmm....
Red - September 8, 2015 at 5:14pm
So when are they releasing a jailbreak for iOS 8.4.1?