iOS 11.2.2 Jailbreak: Zimperium zLabs Finds iOS 11.2.2 Vulnerabilities, Jailbreak Tool Expected To Arrive Soon
While tweak developers are still working on iOS 11.1.2 jailbreak tweaks, hackers are working on exploits for iOS 11.2 and above. As a matter of fact, Rani Idan, a member of Zimperium zLabs, has revealed that his team has found vulnerabilities in Apple’s “bluetoothd” daemon which affect iOS 11.2.2 and below and could possibly lead to an iOS 11.2.2 jailbreak.
What Are The iOS 11.2.2 Vulnerabilities?
The Zimperium researchers were able to find two vulnerabilities in the bluetoothd daemon in iOS. Based on their post, these are the weaknesses in iOS 11.2.2:
The first vulnerability is a memory corruption in bluetoothd, and the other is the execution of arbitrary code on several crucial daemons. The first vulnerability (CVE-2018-4095) gives full relative (ASLR-bypassing) control of the stack in CoreBluetooth, which leads to memory corruption in bluetoothd.
The second major vulnerability (CVE-2018-4087) leads to execution of arbitrary code on several crucial iOS daemons by hijacking the session between each daemon and bluetoothd. Some of the impacted daemons are SpringBoard, mDNSResponder, aggregated, wifid, Preferences, CommCenter, iaptransportd, findmydeviced, routined, UserEventAgent, carkitd, mediaserverd, bluetoothd, coreduetd and so on.
Apart from that, the vulnerabilities also affect watchOS and tvOS, which are based on iOS.
Which iOS Versions Are Affected?
According to Zimperium zLabs, the above-mentioned vulnerabilities affect iOS 11.2, iOS 11.2.1 and iOS 11.2.2, which could lead to an iOS 11.2.2 jailbreak.
iOS 11.2.5 is not affected, because Apple already patched these bugs in that version. The Cupertino-based company has also credited Rani Idan of the Zimperium zLabs Team in the iOS 11.2.5 final release notes for the discovery of these iOS weaknesses. The details will now be made public for research and other purposes.
What Does The Discovery Of iOS 11.2.2 Vulnerabilities Imply?
What this could imply is something similar to Google Project Zero member Ian Beer’s iOS 11.0-11.1.2 exploit, which was turned into a public jailbreak tool. The same thing might happen for iOS devices running iOS 11.2-11.2.2. However, the findings still need work before they could be turned into an effective jailbreak solution. Nonetheless, since the jailbreak community is active these days, with jailbreak tools for iOS 11.1.2 arriving here and there, it wouldn’t be a surprise if the same happened with iOS 11.2.2.
Stay tuned for updates regarding the iOS 11.2.2 jailbreak toolkit. Meanwhile, let us know your thoughts on the Zimperium zLabs iOS 11.2.2 vulnerabilities in the comment section!