Apple Has Fixed Vulnerability Used in Absinthe Jailbreak in iOS 5.1


greenpois0n absinthe

We have some bad news, but it was expected.

We have just got a confirmation that Apple has indeed fixed the vulnerability in iOS 5.1 that was used in the Absinthe jailbreak for iPhone 4S and iPad 2 on iOS 5.0.1 or iOS 5.

Apple has given the “2012 iOS Jailbreak Dream Team” credit for discovering the vulnerability in the document that provides details about the security issues that have been fixed in iOS 5.1.

Kernel

Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2

Impact: A malicious program could bypass sandbox restrictions

Description: A logic issue existed in the handling of debug system calls. This may allow a malicious program to gain code execution in other programs with the same user privileges.

CVE-ID

CVE-2012-0643 : 2012 iOS Jailbreak Dream Team

Apple has also credited pod2G for the HFS vulnerability, we’re not sure if this was the one used in the Corona jailbreak for iPhone 4, iPhone 3GS, iPod touch 4g, iPod touch 3G and iPad 1.

HFS

Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2

Impact: Mounting a maliciously crafted disk image may lead to a device shutdown or arbitrary code execution

Description: An integer underflow existed with the handling of HFS catalog files.

CVE-ID

CVE-2012-0642 : pod2g

pod2G had almost confirmed this earlier today when he tweeted that he was working hard to find a vulnerability in iOS 5.1 for an untethered jailbreak.

It remains to be seen how long it will take the brilliant jailbreak dream team to release an untethered jailbreak for iOS 5.1.

If you’re still on iOS 5.0.1 or ealier then it is recommended to avoid updating to iOS 5.1 until the jailbreak tools for iOS 5.1 are released.

As always, we’ll let you know as soon as there’s any update so stay tuned at iPhone Hacks or join our Facebook Fan page or follow us on Twitter or add us on Google+ or subscribe to our RSS feed.

[via iDB]

Like this post? Share it!