A few weeks back, the Pangu team reportedly demonstrated an iOS 8.4.1 jailbreak at the HackPwn2015 security conference.
The Pangu team has just published a post on their blog titled ‘iOS 8.4.1 Kernel Vulnerabilities in AppleHDQGasGaugeControl’, which, as the name suggests, provides details about kernel vulnerabilities in iOS 8.4.1.
windknown, a member of the Pangu Team, writes:
When auditing iOS kernel executable, we found that the code quality of com.apple.driver.AppleHDQGasGaugeControl is very bad. In this blog, we will disclose 3 vulnerabilities in this kernel extension on the latest public iOS (version 8.4.1). More importantly, one of these bugs is a perfect heap overflow vulnerability that allows us to defeat all kernel mitigations and gain code execution in the kernel, just by exploiting this single vulnerability.
He then goes on to provide more details about the three iOS 8.4.1 kernel vulnerabilities. He also notes that Apple has patched two out of the three vulnerabilities in iOS 9 beta 5. While he hasn’t explicitly mentioned it, this means that the jailbreak they demonstrated for iOS 8.4.1 won’t work with iOS 9.
Apple is widely expected to release iOS 9 GM (Golden Master) to developers immediately after tomorrow’s iPhone event, followed by the release to the public next week.
Now that the Pangu team has revealed the details of the iOS 8.4.1 kernel vulnerabilities, it remains to be seen if they will release a jailbreak for iOS 8.4.1.
As always, we’ll let you know as soon as we get any further details about the iOS 8.4.1 jailbreak. [via Pangu blog]