Apple credits evad3rs Jailbreak team with security flaws fixed in iOS 6.1.3


We learned earlier today that Apple had released a software update for iOS 6.1.3. This was rumored to be coming soon, as we had heard that Apple had patched at least one of the evad3rs jailbreak exploits used by evasi0n. Recently David Wang, a.k.a. @planetbeing, sat down with Forbes staff writer Andy Greenberg to talk about the patched vulnerabilities and what they mean for the future of evasi0n.

Today @MuscleNerd pointed out that Apple had credited the evad3rs group with identifying four security flaws that they had used in building evasi0n. Even though Apple finally patched the security flaws in iOS 6.1.2, it's actually kind of cool that they gave the evad3rs team formal recognition for finding the bugs to begin with. The security flaws that evad3rs were credited with were:

 

  • dyld
    Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
    Impact: A local user may be able to execute unsigned code
    Description: A state management issue existed in the handling of Mach-O executable files with overlapping segments. This issue was addressed by refusing to load an executable with overlapping segments.
    CVE-ID CVE-2013-0977 : evad3rs
  • Kernel
    Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
    Impact: A local user may be able to determine the address of structures in the kernel
    Description: An information disclosure issue existed in the ARM prefetch abort handler. This issue was addressed by panicking if the prefetch abort handler is not being called from an abort context.
    CVE-ID CVE-2013-0978 : evad3rs
  • Lockdown
    Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
    Impact: A local user may be able to change permissions on arbitrary files
    Description: When restoring from backup, lockdownd changed permissions on certain files even if the path to the file included a symbolic link. This issue was addressed by not changing permissions on any file with a symlink in its path.
    CVE-ID CVE-2013-0979 : evad3rs
  • USB
    Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
    Impact: A local user may be able to execute arbitrary code in the kernel
    Description: The IOUSBDeviceFamily driver used pipe object pointers that came from userspace. This issue was addressed by performing additional validation of pipe object pointers.
    CVE-ID CVE-2013-0981 : evad3rs

 

 

 

 
