November 25, 2024

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1

Posted October 21, 2015 at 6:56pm by iClarified · 25160 views
Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1.

Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple's document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.

-----
configd
● Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
● Impact: A malicious application may be able to elevate privileges
● Description: A heap based buffer overflow issue existed in the DNS client library. A malicious application with the ability to spoof responses from the local configd service may have been able to cause arbitrary code execution in DNS clients.
● CVE-2015-7015 : PanguTeam

GasGauge
● Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
● Impact: A malicious application may be able to execute arbitrary code with kernel privileges
● Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.
● CVE-2015-6979 : PanguTeam
-----

Be careful not to update to iOS 9.1 if you want a jailbreak. The signing window for iOS 9.0.2 is still open so if you are on a lower firmware version it is still possible to install iOS 9.0.2 for a limited time.

Please follow iClarified on Twitter, Facebook, or RSS for updates.