Apple Credit Evad3rs on Four Security Fixes in iOS 6.1.3

Posted March 19, 2013 at 6:33pm by iClarified | Please help us and submit a translation by clicking here | 27979 views

Apple has acknowledged the evad3rs for discovery of four of the six security issues fixed in iOS 6.1.3, notes MuscleNerd.

Apple gives hat tip to @evad3rs for 4 of the 6 security fixes in 6.1.3 :) http://is.gd/nfspim

dyld
Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to execute unsigned code
Description: A state management issue existed in the handling of Mach-O executable files with overlapping segments. This issue was addressed by refusing to load an executable with overlapping segments.
CVE-ID : CVE-2013-0977 : evad3rs

Kernel
Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to determine the address of structures in the kernel
Description: An information disclosure issue existed in the ARM prefetch abort handler. This issue was addressed by panicking if the prefetch abort handler is not being called from an abort context.
CVE-ID : CVE-2013-0978 : evad3rs

Lockdown
Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to change permissions on arbitrary files
Description: When restoring from backup, lockdownd changed permissions on certain files even if the path to the file included a symbolic link. This issue was addressed by not changing permissions on any file with a symlink in its path.
CVE-ID : CVE-2013-0979 : evad3rs

USB
Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to execute arbitrary code in the kernel
Description: The IOUSBDeviceFamily driver used pipe object pointers that came from userspace. This issue was addressed by performing additional validation of pipe object pointers.
CVE-ID : CVE-2013-0981 : evad3rs

Read More


Share
Add Comment
toppdogg93 - March 20, 2013 at 1:38pm
gotta have the tweaks thts how it was apps on cydia way before apple
Ecko - March 20, 2013 at 12:59pm
I seriously hope they stay Evad3rs and dont get bought out. It's time "The Good Side" had some help to do whatever we want with the stuff we the AP pay our hard earned cash for.
culua - March 20, 2013 at 5:39pm
Men can easily be corrupted with money. Money = power. I told myself thst too but, money can get to you.
archbishop - March 20, 2013 at 9:00am
Does APPLE pay ANY money to Evad3rs for the iOS system security holes??? Just small amount... fe. 5ook EUR?
Sean - March 20, 2013 at 4:31am
Big F-U Apple if you close jailbreak am not going to buy your devices at all. Hello Samsung or HTC. Apple may think Ha people will buy because they will make their products better and hell no you are already far outdated.
DiRNiS - March 20, 2013 at 8:22pm
No one cares what you will do or buy.
1
Gill - March 20, 2013 at 4:22am
Sounds like Apple's way of giving Evaders a big FU! Bottom line, cydia tweaks makes this phone better than android. If i didnt have cydia tweaks....id be on an android. Simple.
18 More Comments
Follow iClarified