Apple Fixes iOS Flaw That Opened iPhones to Jailbreaks

Apple has released an emergency patch fixing a kernel vulnerability – for the second time – after it was accidentally unpatched in iOS 12.4.

The flaw (CVE-2019-8605), a use-after-free issue existing in the kernel, could enable a malicious application to execute arbitrary code with system privileges in up-to-date iOS devices. Worse, the flaw allows phones to be jailbroken — and a public jailbreak was released last week to take advantage of it on phones running the latest version of iOS.

“A malicious application may be able to execute arbitrary code with system privileges,” according to Apple’s newest iOS patch, iOS 12.4.1, released on Monday. “A use after free issue was addressed with improved memory management.”

The release of public jailbreaks — a method to escape Apple’s limitations on what apps and code can run on the iPhone – are atypical, especially for up-to-date phones. Jailbreaks are useful for those wanting to install custom code, add features or perform security research outside the purview of the Apple ecosystem – but can also expose phones to spyware and malware attacks.

The bug was initially discovered by Google Project Zero research Ned Williamson, who after the initial patch published an exploit for iOS 12.2, dubbed “SockPuppet,” that utilized the vulnerability to “achieve the kernel_task port on iOS 12.2 on [the]iPhone 6S+.”

Apple patched the vulnerability in a previous May update, but its most recent operating system update, iOS 12.4, accidentally unpatched the fix. Then, on Aug. 18 a hacker under the alias “Pwn20wnd” on Github released various fine-tuned jailbreaks for the latest version of iOS, based on SockPuppet.

“Pwn20wnd,” who was also credited in Apple’s Monday update, on Twitter confirmed the patch.

> I can confirm the exploit was patched in iOS 12.4.1 – – Stay on iOS 12.4!
>
> — Pwn20wnd is reviving 0-Days (@Pwn20wnd) August 26, 2019

Apple did not respond to a request for comment from Threatpost.

The phone giant also released updates for macOS Mojave and tvOS addressing the kernel vulnerability.

_Interested in more on the internet of things (IoT)? Don’t miss our free _Threatpost webinar, “IoT: Implementing Security in a 5G World.” Please join Threatpost senior editor Tara Seals and a panel of experts as they offer enterprises and other organizations insight about how to approach security for the next wave of IoT deployments, which will be enabled by the rollout of 5G networks worldwide. ****Click here to register.