It is no surprise to us that Adam Donenfeld, the author of the Ziva exploit, has owned iOS yet again with a new kernel heap vulnerability he discovered deep inside iOS 11.2 through 11.2.2. According to Adam, Apple has finally acknowledged the vulnerability and fixed it in iOS 11.2.5, which means that every version from iOS 11.2 up to iOS 11.2.2 remains affected and could be exploited.
For the jailbreak community this means a lot, since at this point it is clear that iOS 11.2, iOS 11.2.1 and iOS 11.2.2 are jailbreakable and vulnerable enough for a developer to attempt a public jailbreak release. With the current influx of new jailbreak developers like Viktor Oreshkin, Ben Sparkes, Coolstar and many others, I am pretty sure that once such an exploit is available to the general public, they will start working with it. The same thing happened with the v0rtex exploit, async_wake, Ziva, triple_fetch, etc. I don't see why it would be different this time.
For the moment, Adam Donenfeld is apparently looking for a conference at which to present his research and some of the tools he developed to help him along the way. If he decides to publish a full exploit and a write-up, that would certainly be great for the community.
1/N Apple has finally acknowledged my kernel heap overflow and fixed it on 11.2.5 (CVE-2018-4109). While I didn't write an exploit, it's one of the most hidden vulnerabilities I've ever found, and it took me a couple of days to trigger it once I found it!
— Adam Donenfeld (@doadam) 5 February 2018
For the moment, we have the bluetoothd daemon exploit coming from Zimperium for iOS 11.2 – 11.2.2, and if Adam decides to also publish his work, things start to look very interesting for iOS 11.2.x.
For the moment, iOS 11.2.5 is the worst firmware you can be on if you want to jailbreak (yet the safest if you care more about the security of your device than about jailbreaking). So, if you're currently running iOS 11.2, iOS 11.2.1 or iOS 11.2.2, don't despair yet: things are starting to look good for iOS 11.2.x, and even if you missed the Electra jailbreak opportunity, it might not be long until you get those sweet, sweet tweaks.