Google's Vulnerability Discovery Team Project Zero Releases Vulnerability Attack "tfp 0" Enabling Jailbreak of iOS 11
A famous technician from Google's vulnerability countermeasure team "Project Zero" attacks vulnerability existing in Apple's mobile OS "iOS 11"tfp 0"The details of it are clarified. The release of tfp 0 may create a jailbreak tool for iOS 11.1.2 and earlier terminals.
Google Researcher Releases iOS Exploit - Could Enable iOS 11 Jailbreak
Ian Beer of Project Zero published the details of tfp 0. Mr. Beer reports vulnerabilities in Apple's iOS 11 kernel, and the five vulnerabilities are fixed in the latest "iOS 11.2" update. On the latest iOS, Mr. Beer declared on Twitter that it will issue a release in the near future on an attack called "tfp 0" that exploits the vulnerability that was prevented.
If you are interested in bootstrapping iOS 11 kernel security research keep a research-only device on iOS 11.1.2 or below Part I (tfp 0) release soon.- Ian Beer (@ i 41 nbeer)December 5, 2017
As declared one week ago, Mr. Beer released details of tfp 0 on the Chromium blog. The method uses the bug of the dual release of memory in the kernel of the OS. Mr. Beer seems to have completed the proof-of-concept test on iPhone 6s, iPhone 7, 6th generation iPod touch terminals, and I think that this attack will be effective on all 64 bit Apple terminals.
In addition, security expert Jonathan Levin reports that the method published by Beer also worked with Apple TvOS 11.x and Apple TV 4K running on iOS 11.1.2. Because the macOS kernel shares the code base with iOS, there is a possibility that tfp 0 may be valid for macOS as well.
Congratulating unparalleled paragon of hacking@ i41nbeerfor a truly marvelous, clean exploit which also works (* confirmed *) on TvOS 11.x and the Apple TV 4K! My#Jailbreak#Toolkitwill be expanded to support this platform as well - and#LiberTVwill finally get its update :-)- Jonathan Levin (@ Morpheus______)December 12, 2017
This time Beer's details revealed tfp 0 permits code execution with kernel privilege and enables full OS core access on iOS 11 terminals prior to iOS 11.1.2. For this reason, it is expected that a general jailbreak tool for iOS 11 for iOS 11.1.2 or earlier using tfp 0 will be released. At the time of article creation, even with an Apple terminal updated to iOS 11.2, you can downgrade to iOS 11.1.2 if you use iTunes.