Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1.
Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple’s document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.
configd
● Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
● Impact: A malicious application may be able to elevate privileges
● Description: A heap based buffer overflow issue existed in the DNS client library. A malicious application with the ability to spoof responses from the local configd service may have been able to cause arbitrary code execution in DNS clients.
● CVE-2015-7015 : PanguTeamGasGauge
● Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
● Impact: A malicious application may be able to execute arbitrary code with kernel privileges
● Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.
● CVE-2015-6979 : PanguTeam
Be careful not to update to iOS 9.1 if you want a jailbreak. The signing window for iOS 9.0.2 is still open so if you are on a lower firmware version it is still possible to install iOS 9.0.2 for a limited time.
Leave a Reply