New tfp0 Bug Found On iOS 12.3.1 Could Lead To Next Jailbreak, Do Not Update
Things move fast in the world of jailbreaking. After initially having some luck with iOS 13 vulnerabilities, the jailbreak community now has an iOS 12.3.1 tfp0 bug to contend with.
However, excitement aside, it comes with a stipulation: it has already been reported to Apple!
Twitter user @derrekr6 has taken to the social network to announce that he has “got” tfp0 on iOS 12.3.1. As we should all know by now, tfp0 is essentially what every researcher is hoping to achieve when they find a bug as it allows them to arbitrarily execute code at the lowest level as they see fit.
This is generally classified as the basis for any jailbreak so it stands to reason that the community is going to be up in arms and excited about a possible iOS 12.3.1 jailbreak ahead of any official iOS 13 release.
For those currently running iOS 12.3.1, the advice would generally be ‘do not update’ beyond that firmware version.
got tfp0 on iOS 12.3.1 :DD
(but the bug sucks and it’s quite unreliable)
Interestingly, the tweet not only confirmed that tfp0 on iOS 12.3.1 had been achieved but also stipulated that the bug used isn’t exactly reliable, meaning that it won’t necessarily guarantee the required results each and every time.
That level of unreliability suggests that it won’t be good enough to build a functional and reliable jailbreak on top of, which could suggest why user @derrekr6 has already reported the issue to Apple to not only inform the Cupertino-based business about the vulnerability but to also allow the company to patch the hole in iOS 13; should it still exist.
The fact that this has already been reported to Apple certainly will not sit well with hardcore jailbreak fans but there are undeniable reasons behind why that action has taken place. For now, it’s a case of exercising some patience and waiting to see if anything tangible actually comes from this discovery.
Will the usual suspects in the jailbreak community unite in order to try and piece something together from this announcement? Or, more likely, will this bug be good for research purposes and ultimately dwindle away into oblivion at the same time as earning the discoverer some Apple bug bounty bucks.