Apple Has Fixed Vulnerability Used in Absinthe Jailbreak in iOS 5.1


We have some bad news, but it was expected.

We have just received confirmation that, in iOS 5.1, Apple has indeed fixed the vulnerability that was used in the Absinthe jailbreak for iPhone 4S and iPad 2 on iOS 5.0.1 or iOS 5.

In the document that details the security issues fixed in iOS 5.1, Apple credits the “2012 iOS Jailbreak Dream Team” with discovering the vulnerability.

Kernel

Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2

Impact: A malicious program could bypass sandbox restrictions

Description: A logic issue existed in the handling of debug system calls. This may allow a malicious program to gain code execution in other programs with the same user privileges.

CVE-ID

CVE-2012-0643 : 2012 iOS Jailbreak Dream Team

Apple has also credited pod2G for the HFS vulnerability; we’re not sure if this was the one used in the Corona jailbreak for iPhone 4, iPhone 3GS, iPod touch 4G, iPod touch 3G and iPad 1.

HFS

Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2

Impact: Mounting a maliciously crafted disk image may lead to a device shutdown or arbitrary code execution

Description: An integer underflow existed with the handling of HFS catalog files.

CVE-ID

CVE-2012-0642 : pod2g

pod2G had almost confirmed this earlier today when he tweeted that he was working hard to find a vulnerability in iOS 5.1 for an untethered jailbreak.

It remains to be seen how long it will take the brilliant jailbreak dream team to release an untethered jailbreak for iOS 5.1.

If you’re still on iOS 5.0.1 or earlier, then it is recommended to avoid updating to iOS 5.1 until the jailbreak tools for iOS 5.1 are released.

As always, we’ll let you know as soon as there’s any update so stay tuned at iPhone Hacks or join our Facebook Fan page or follow us on Twitter or add us on Google+ or subscribe to our RSS feed.

[via iDB]


  • Paradox

    I am so just waiting for the kiddies to start b*tching at the dream team and of course the one lam3r who will be asking on the 16th (or earlier) “will this work on the “new” iPad?”

    The silence from all of them was so nice… alas all good things come to an end.

    Good luck Dream team on 5.1 and thanks for all the effort in 5.0.1

    • user

      Well 5.1 solved battery issue, reason enough to update for me, also the fast camera switch

  • vahid

    Ohhhhh, Gloomy Monday … :((

  • Lahey

    This remains about money. If the devs see the money stream from Cydia as worthwhile they need to work to preserve it by establishing reliable jailbreaks. If they don’t, then jailbreaking is unlikely to continue. That would also mean sites such as this would have to rethink their revenue stream.

    I don’t care either way.

  • Zed Sefi

    It is now the right time for the hackers to upgrade their team to JESUS team because simply the dream team is not going to be enough of a challenge to beat Apple on iOS 5.1

    • Zed Sefi

      What I would care about (at this stage) is to find a way to downgrade to iOS 5.0.1 despite how impossible it may seem (because SHSH Blobs are not working anymore, but there’s got to be a way to crack the random generator). We got a jailbreak working on iOS 5.0.1 so we have to hang on tight to it and add any new features that were added to iOS 5.1 through Cydia updates.

      • Ummm Da Dum

        This makes sense. Instead of updating with Apple’s iOS files, why can’t the new tweaks, features etc. of 5.1 be added to 5.01 through Cydia?

        As mentioned below, there is nothing in 5.1 I want, but I would like to update certain apps that require 5.1 (iMovie, nice to try iPhoto as well),
        but I’ll happily wait.

    • Orgil

      How poetic, but well said nevertheless

  • Lahey

    If the $ makes sense the devs should invest the time and effort. I recommend against spending any $ on Cydia meanwhile though. Potentially wasted because continued JB status isn’t guaranteed.

    • Don’t Update

      It is guaranteed if you don’t buy a new device and don’t update your existing devices with iOS5.1

      • Lahey

        Jailbreaks are sometimes lost when the phone locks up to the extent that a restore is necessary. Although scores of people on both sides have worked a great deal to prevent such a thing from happening, it does happen. In that case, at this point a late model iPhone owner will be off Cydia and will have lost any money spent on Cydia apps.

  • Chris

    Honestly, I don’t see anything appealing enough for me to try to upgrade to iOS 5.1. I don’t have the iPhone 4S, but thanks to my phone being jailbroken I still have Siri and it works very well (don’t know why Apple won’t implement it across the board).

    I think something that is being missed here is that Apple is actually giving credit, which is thanking the Jailbreak team. I truly think that Apple is missing a major opportunity here, all that they need to do is work with the Jailbreak Dream Team to develop a section in iTunes of “Unapproved Apps” that give a clear warning when installing them that the Apps are not approved by Apple and if you come in for warranty service, they will be removed prior to warranty service being performed.

    This would allow those that want to use the jailbreak Apps to do so without risking their Apple Warranty and would allow Apple a way to deal with the people that want to run these Apps and not end up with the negative publicity of everything being so closed, especially when compared with its competitors.

  • mkimid

    We cannot blame Apple; we just keep watching the status

  • joe

    still no bloody unlock for iphone 4 … 5.0.1…04.11.8…..whyyyyyyyyyyyyyyyyyyyyyyyyyy

    • Wite Boy

      sell it and buy one that works on your carrier, DERP

    • Donald

      Use SAM to unlock. Maybe Apple blocks that, but just try. Apple blocks it because they want to sell the factory-unlocked phone at $649+tax. They make it harder to jailbreak because they want to sell apps on the App Store.

  • aka

    I was thinking, if Apple makes the new iPhone unjailbreakable, how many of us are actually going to buy it? And by us I mean people who like design and like to use the phone freely, not people who are in love with Apple and for whom Steve Jobs is their god (RIP).

    • Paradox

      What we need to find out is how many people actually jailbreak their phones as a percentile of sold iPhones. I have no actual numbers but I would be willing to guess it’s less than 5% of sales. Of my classmates who had iPhones (probably 60-65% of them) only 2 of the 100+ knew what I was talking about when I discussed jailbreaking. And these were younger, more tech-savvy individuals. Now take the overall population, which includes older adults who don’t even know they can connect the phone to iTunes, and I would expect the numbers dwindle further.

      • aka

        You got a good point; most of my friends do not even put music on their phones. Just make calls and surf the web. We are in our late 20s though, I somehow thought younger people would jailbreak a lot.

        • Paradox

          LOL I’m 40 but.. I was one of those continuing adult education peeps after being laid off. Most of the students were 18-22. You’d think they’d be more into the scene having less money at their disposal .. but then again .. they grew up in a generation where much of everything was handed to them. (at least in this area)

    • Lahey

      iPhone, and i-device in general, sales are through the roof. Whether jail breakers buy it or not isn’t relevant. The only thing that is relevant is whether there is enough money changing hands via Cydia to make continued jailbreaks compelling.

      So far the answer seems to be “no,” because no jailbreak seems to be around the corner and we know of leaked 5.1 code for some time now in key locations, meaning those interested enough (make that inter$ted enough…) would have gotten their hands on it and would have been working on a jailbreak well ahead of time.

      This did not seem to happen as far as I can work out; granted, these data are not my concern and everyone’s busy.

      Again, money talks. If Cydia makes enough money for people to notice it’ll dry up, a new jailbreak will come. If not…

      Incidentally, an unlock for firmware(s) not already covered isn’t realistic.

  • Duh

    It should be about the money! They must be putting in countless hours to make all the crybabies happy, meanwhile the others wait patiently and thank them graciously for their services.

    • joe

      Thank them for what? It’s been bloody 6 months now and still no unlock for iPhone 4. I think they’re beat on the unlock but will not admit it. There are 1000s with iPhone 4 still waiting for the unlock who, like me, bought their phone with 04.11.08 on it.
      So come on dream team, prove you’re worthy of our money.

      • Paulg

        Don’t waste your time waiting for a software unlock from the dev team. It won’t happen. Your best bet is to take a loss and sell that brick you have. Gevey won’t even create one for it because they are now focused on the 4s.

        • Dee

          Why not either pay your service provider or a private company to unlock it for you? I guess it’s always easy to blame the Dream Team because they take donations, which a few people are willing to pay them for working on jailbreaks, as this is always the most important part. I guess all those others that moan are the other few that don’t want to pay for anything. I have a 4s on 5.01, jailbroken and unlocked by Three mobile (I paid for this). I will wait until a solution can be found. If one isn’t found then no probs, I will sit on 5.01 as long as my phone keeps working. Why moan or rush others when they are doing ALL OF US A FAVOUR?

          • joe

            DEE… for your information, I always donate. Like you, I am on the Three network; I didn’t know they unlocked your phone. I have looked everywhere on their site for info. Can you please tell me how you got your info, as I can’t go to a 3 shop; it’s far away from where I live.

      • jason

        If you want an unlock, spend about $150 at cutyoursim.com for an IMEI unlock. It’s permanent and they guarantee it.

        • Dee

          Joe, I didn’t go into a Three shop, I called the customer services dept, advised I wanted the phone unlocked; they charged me £15 and had to wait 5 working days. Got a txt message from them to sync to iTunes and DONE! Also in the UK, if you’re with O2 they unlock free if you’re on contract, even after a day. T-Mobile charge I think £20. Vodafone are a bit tricky as they try and avoid doing it for you.

          • Retribution1888

            Joe and dee, you need to remember when 3 send you the text message you need to put a different network sim card in and activate it over iTunes then it is unlocked all networks, mine was completed in 30 hrs and works all networks

  • Fingers21

    iPhone 4 is different from iPhone 4s jailbreak due to the A5 chip; the new iPad has a different chip again with the A5X. I think the dream team may have their work cut out for them! I had to get rid of my 4s jailbreak, as I NEEDED the battery fix, but it made it worse. A trip to Apple today got me a new 4s that is running 5.0.1 and NO battery issues, so I can have my jailbreak back, luckily!

  • Stew357

    How can I downgrade from the upgrade that Apple made me do so I can jailbreak my iPhone?

    • Dee

      You can’t right now. Keep an eye on this site for more info.

  • blame truth

    Comex you bastard!!! ..in the golden palms of apple :/

  • Ummm Da Dum

    There is nothing in 5.1 that I want, but I would like to update iMovie, which requires 5.1.

    Any way of tricking apps into thinking I have 5.1 so I can update them?
    I’m sure there is nothing within 5.1 that iMovie requires, just Apple trying to tempt people to update.

  • http://www.motorbeam.com/ fas

    Wasn’t that obvious, no rocket science there.

  • Doug

    I know this will seem like a stupid question but I’m inexperienced with jailbreaking. Is it 5.1 on 4S and 4 that can’t get an untethered jailbreak or just 4S? I just took an interest in jailbreaking and I’d rather not have to use a computer to turn my phone on. I have an iPhone 4 and downloaded 5.1, which I now regret doing.

  • http://www.etravelvn.com Quang

    I really don’t care. I am using iPhone 3g. :)

  • jabir

    Battery fix for iOS 5? By editing the com.apple.SystemPowerProfileDefaults.plist file.
    Just wanted to share this link. Not sure if anyone has seen this or tried this yet?

    See below the detail I pulled from the internet.

    http://www.iphonejailbreak.me/tweak-…fe-in-ios-5-x/

    If you’re a heavy iPhone user like me, your battery probably won’t last more than a day. Check out this jailbreak tweak that might help squeeze out more juice from your battery.

    Just like a computer’s operating system, iOS also comes with power management that adjusts how much your device uses power. By editing the com.apple.SystemPowerProfileDefaults.plist file, you may be able to increase your battery life.

    I left my iPhone overnight at 85% battery power with WiFi, 3G and GPS turned on. By 8am the next day, it only consumed 2% of power. Not too bad, huh?

    Let’s cut to the chase, here’s how to do it:

    1. Download DiskAid or i-FunBox.

    2. Download one of these power profiles:

    see attachments

    Ultra power saving profile ultra_power_saving_mode.zip
    Medium power saving profile medium_power_saving_mode.zip
    Default power profile default_power_profile.zip

    3. Launch DiskAid or i-FunBox and browse to the following folder location:

    /System/Library/CoreServices/powerd.bundle/

    4. Replace or overwrite the com.apple.SystemPowerProfileDefaults.plist with the one you just downloaded in step 2.

    5. Reboot your device and you’re done!

    If you like to revert to default power profile, simply use the default power profile plist file.

    I haven’t tried this on iOS 4.x yet but if you would like to try (at your own risk), the .pfile file is located at the following folder:

    /System/Library/SystemConfiguration/PowerManagement.bundle

    Good luck and share with everyone if this helps!

    check this link plz..

    http://forums.macrumors.com/showthread.php?t=1313553

  • HDub

    Why make jailbreaking vulnerabilities public in the 1st place? Surely if these are kept on the down-low, Apple will be in less of a hurry to fix them. Am I missing something?

  • idk

    i got untethered 5.1 on accident trying to get tethered