Apple Fixes 4 Security Flaws Used By Evasi0n in iOS 6.1.3

Back in late February, the evad3rs dev team confirmed that Apple had fixed a couple of the vulnerabilities used by the team in the evasi0n jailbreak in iOS 6.1.3 beta 2.

This means that the evasi0n jailbreak, the most popular jailbreak ever, will no longer work with iOS 6.1.3, which was released to users a couple of hours ago to fix the Lock screen security flaw.

In February, David Wang aka planetbeing revealed that iOS 6.1.3 beta 2 had fixed at least two security vulnerabilities used by the evasi0n jailbreak.

However, MuscleNerd of the evad3rs has just shared a link to an email from Apple Product Security, which reveals that Apple has fixed six security flaws in iOS 6.1.3, of which four were used by the evasi0n jailbreak.

evasi0n was a combination of five different security flaws, most of them harmless individually, but together capable of jailbreaking iOS 6.x.x.

Apple has given credit to the evad3rs dev team for finding these vulnerabilities:

dyld
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to execute unsigned code
Description: A state management issue existed in the handling of
Mach-O executable files with overlapping segments. This issue was
addressed by refusing to load an executable with overlapping
segments.
CVE-ID
CVE-2013-0977 : evad3rs

Kernel
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to determine the address of
structures in the kernel
Description: An information disclosure issue existed in the ARM
prefetch abort handler. This issue was addressed by panicking if the
prefetch abort handler is not being called from an abort context.
CVE-ID
CVE-2013-0978 : evad3rs

Lockdown
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to change permissions on arbitrary
files
Description: When restoring from backup, lockdownd changed
permissions on certain files even if the path to the file included a
symbolic link. This issue was addressed by not changing permissions
on any file with a symlink in its path.
CVE-ID
CVE-2013-0979 : evad3rs

USB
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to execute arbitrary code in the
kernel
Description: The IOUSBDeviceFamily driver used pipe object pointers
that came from userspace. This issue was addressed by performing
additional validation of pipe object pointers.
CVE-ID
CVE-2013-0981 : evad3rs
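
The Lockdown entry above says the fix was to stop changing permissions on any file with a symlink in its path. The C sketch below is an added example of that kind of check, not Apple's or lockdownd's code; the function name `chmod_beneath` and the split into a trusted base directory and an untrusted relative path are assumptions made for the illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <limits.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Added example, not Apple's code. Set the mode of base/rel, refusing
 * if any component of rel is a symbolic link or "..". base is assumed
 * to be a trusted directory; rel is the untrusted path (for instance
 * one read from a backup). Returns 0 on success, -1 otherwise. */
int chmod_beneath(const char *base, const char *rel, mode_t mode)
{
    char buf[PATH_MAX];
    if (rel[0] == '\0' || rel[0] == '/' || strlen(rel) >= sizeof buf)
        return -1;
    strcpy(buf, rel);

    int cur = open(base, O_RDONLY | O_DIRECTORY | O_CLOEXEC);
    if (cur < 0)
        return -1;

    char *save = NULL;
    char *comp = strtok_r(buf, "/", &save);
    while (comp != NULL) {
        char *next = strtok_r(NULL, "/", &save);
        /* O_NOFOLLOW: open fails if this component is a symlink.
         * openat: the lookup starts at the directory already held
         * open, so replacing a parent later cannot redirect it. */
        int flags = O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC;
        if (next != NULL)
            flags |= O_DIRECTORY;   /* intermediate must be a real dir */
        int fd = strcmp(comp, "..") == 0 ? -1 : openat(cur, comp, flags);
        close(cur);
        if (fd < 0)
            return -1;
        cur = fd;
        comp = next;
    }
    /* cur is the target itself; fchmod works on the descriptor, so no
     * path is resolved a second time between check and use. */
    int rc = fchmod(cur, mode);
    close(cur);
    return rc == 0 ? 0 : -1;
}
```

Walking the path one component at a time with `openat` and finishing with `fchmod` avoids the gap that a separate `lstat` check followed by `chmod` on the full path would leave.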

Wang has said that they have discovered enough bugs to nearly build a new iOS jailbreak if all the bugs they used in evasi0n are fixed.

We’ll have to wait and see what the evad3rs have to say now that most of the vulnerabilities used in the evasi0n jailbreak have been fixed in iOS 6.1.3.

It goes without saying that jailbreakers should avoid upgrading to iOS 6.1.3 and be extremely careful while installing jailbreak tweaks.

  • ROTTEN APPLES

    NOOOOOOO WELL I HOPE MY DAUGHTER UPDATE SHE'S ONLY 8 SO NOW I HAVE TO FIGURE OUT HOW TO PREVENT THAT

    • Rotten apples

      I meant doesn’t update

    • Über

      Don’t give an 8 year old an iPhone. Problem solved!

      • Slick

        i think since Evasi0n 1.2 they’ve added disable over-the-air updates

      • Rotten apples

        I know, it’s my old 3GS, plus she does good at school, plus I can’t afford to buy new stuff, so yes, it’s her iPhone. It has no services, also it doesn’t leave the house. Thanks for the feedback, everybody.

        • blu

          My 10 year old has my old 3GS with the same setup, no service, but just a fancy iPod for her and cost me nothing extra. With it being JB I have a lot more control over it also, so I am sitting on 6.1.2 for a while with it.
          As said, Evasi0n has a block on it for OTA updates, so that should not be an issue, just make sure she does not hook it up to iTunes. The good thing is since it is a 3GS, if you saved your blobs from older versions you can back up to those.

  • D4

    Be amazing if the team could create a program like iTunes, where they could create their own full CFW and use their own iTunes style to apply it… we can only dream, can’t we.

  • bcsc

    Great work Apple. Slap your paying customers in the face by closing the hole that gives them freedom. Seig Heil Apple, Mein Furher.

    • blu

      From a security standpoint they have to. It is a known exploit that someone can use to take over a device.
      While we use them for jailbreaking and our own good, others can use them for bad. I don’t like it, but it is something that had to be done.
      What if Microsoft left known security exploits unpatched (oh wait, they have and they caught crap for not fixing it quicker).

      • http://www.iphonehacks.com iPhoneHacks

        Yeah that’s true, Apple doesn’t really have an option. As we had mentioned in this post (http://www.iphonehacks.com/2013/02/evasi0n-jailbreak-wont-work-on-ios-6-1-3.html), security researchers had highlighted some of the ways the vulnerabilities could be used by someone with malicious intent.

        • http://twitter.com/badboy40 ADS

          Can someone tell me when was an iPhone last hacked using jailbreak methods. I don’t think there’s a risk personally. I remember the issue about the alpine password yet never really heard of an actual incident of it happening. The chances of a phone being hacked is extremely remote, I think.

          • bcsc

            I did get hit by the ssh password. I had to download a specific fix to repair it. It only locked out my ability to use openSSH. While it was a virus, it was not too harmful. Just intended to inform.

      • bcsc

        I get what you are saying. Apple can not allow unsigned code to be run if they are to be secure. Same as RIM have completely blocked rooting. I suppose this is the inherent problem with a closed system. While the security is nice, I’d prefer the options of the jailbreak. I’m sure at some point in the past, there was a fix made available through Cydia, for a similar issue. I can’t remember exactly though

    • Kraken

      Here comes several more quarters of Samsung dominance.

  • Andy

    Do we know if apple are still signing 6.1.2?

  • http://profiles.google.com/sebastian.rasch Sebastian Rasch

    Yep and that’s it then. Next Jailbreak 2014.

  • loganexplosion

    “It was a nice run evad3rs. Had to close out some day. Nobody wins them all.”

  • Slick

    so sad

  • Andrew

    Well if they have enough for a new jailbreak maybe they should hold off till iOS 7. Sorry for all the people that didn’t get to jailbreak but they shouldn’t burn the rest of the exploits just for 6.1.3. Look how hard it was to jb 6.0. I can’t imagine how hard it will b to jb iOS 7. I dunno just a thought.

    • Jimothy

      I agree, it would be a shame to waste exploits.

  • Sk

    That’s why I upgraded to 6.1.2 before that one came out. May be on that version for a while.

  • wat?

    so i’m stuck at 6.0 since i missed updating to 6.1.2. really i don’t mind. but i’d like to know, if i jailbreak, and want to do a restore, can i restore to 6.0? (I know i can’t restore to 6.1.2), and how do i do it?

  • simon

    What happens if we need to do a restore, we can’t even do that

  • http://twitter.com/badboy40 ADS

    I’ll never upgrade my iOS until I know that a jailbreak is available. A day will come when I can’t jailbreak, so will look at a Galaxy so I have the ability to customize it. Thanks to all the people who create the most amazing tweaks and themes and share them with us on Cydia. I love the way my phone appears and functions now. Cheers

  • osman barrie

    i am new here i need help how to download