Apple’s iOS 12.1.1 Security Details Highlight A New Ian Beer Kernel Exploit Which Could Potentially Lead To First iOS 12 Public Jailbreak
With iOS 12.1.1 now out in the public domain, Apple has also released its own internal security publication which outlines all of the patches included in the release from a security and privacy perspective.
Within that, Project Zero’s Ian Beer is once again credited with finding and reporting a kernel level bug to Apple, which has now been patched in iOS 12.1.1.
Whenever Apple releases a new version of its iOS platform, the release notes are generally accompanied by a dossier published online which highlights all of the security fixes included in the firmware release. In addition to going over the type of bug that has been patched, the document also attributes the discovery to a specific individual or team. In this instance, Project Zero’s Ian Beer has, once again, been recognized as the reporter of a kernel-level bug which has been given the identifier CVE-2018-4461.
The information suggests that the bug affects iPhone 5s and later, iPad Air and later, and iPod touch sixth-generation, and gives the impact as potentially allowing an application to execute arbitrary code with kernel privileges. Of course, to Apple, this needs to be patched with immediate effect and pushed out into the public domain, which is exactly what has happened with the release of iOS 12.1.1.
However, from a public perspective, it once again brings about hope that it could lead to a potential jailbreak for devices running firmware earlier than iOS 12.1.1. Jann Horn of Project Zero and multiple members of the TrendMicro Mobile Security Team have also been recognized as contributing kernel-level bugs.
With these bugs being patched in iOS 12.1.1, it takes away the possibility of them actually being useful in any type of jailbreak situation for devices running Apple’s latest firmware. However, it’s very evident that pre-iOS 12.1.1 firmware will still be susceptible to the reported kernel-level bugs.
It will be interesting to see if any of the reporters take the opportunity to put together a proof-of-concept for the bugs that they have reported and whether or not anyone takes on the challenge of using these bugs to try and put together a jailbreak that makes use of the kernel vulnerabilities.
If this develops, we will be sure to keep you informed.