Alibaba’s Min Zheng has once again taken to his social network of choice to tease the jailbreak community with some iOS 11.3-related goodness.
This time around, rather than confirming the existence of kernel-level or 0day bugs, Zheng has confirmed that kernel read/write has been achieved and that he and his team will work with Apple to patch the bugs going forward.
Let’s take things in chronological order. In the first instance, Zheng took to the social network to confirm to his audience that read/write privileges had been achieved with the iOS 11.3 kernel. This was on the back of a previous announcement which confirmed that it was possible to break KASLR on iOS 11.3 with relative ease.
The latest social communication on that topic says “Well, break KASLR and gain arbitrary kernel R/W on iOS 11.3” and comes with an accompanying image offering proof, although it’s unlikely that the accompanying screen snippet will mean anything to most people.
Additionally, a second post was a quoted tweet of one of Zheng’s previous tweets relating to the survival of a 0day bug which was left over from Apple’s beta testing of iOS 11.3 and made it into production. The latest post essentially confirms that Zheng will work with Apple to fix the bugs and that he will present more information about what has been found at a dedicated conference if his talk is accepted:
“We submitted a talk about these vulnerabilities and exploit techniques to a conference. If the talk is accepted, we will help Apple to fix these problems and disclose the detail of the vulnerabilities.”
The good news is that if his submission is accepted then it’s very likely that the community and any intrigued security researchers will find out additional information on what’s been found in the form of a presentation and intricate write-up. The bad news for the community is that it’s very unlikely anything will make it into the public domain until after Zheng and his team have worked with Apple to ensure that the bugs are patched in a future version of iOS.
We aren’t sure exactly what that means for an iOS 11.3 jailbreak going forward, but it’s likely we will see iOS 11.4 released sooner than we imagined.