Apple credits “2012 iOS Jailbreak Dream Team” for kernel exploit

For those of you wondering whether or not Apple keeps close tabs on the jailbreak community, well, you can stop wondering. The company directly refers to jailbreakers on its new iOS 5.1 security content page.

As most of you know, Apple patched the exploits used in both the Corona and Absinthe jailbreak tools in the software update. And apparently, it’s aware of exactly who is responsible for creating them…

Apple credits the “2012 iOS Jailbreak Dream Team” with finding a kernel exploit that is patched in iOS 5.1. Here’s a full breakdown of the bug:

“Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2

Impact: A malicious program could bypass sandbox restrictions

Description: A logic issue existed in the handling of debug system calls. This may allow a malicious program to gain code execution in other programs with the same user privileges.

CVE-2012-0643 : 2012 iOS Jailbreak Dream Team”

It’s not necessarily interesting that Apple is crediting jailbreakers for an exploit; it’s done that before. No, what’s interesting is that Apple actually uses the name “Dream Team,” which we thought only existed in blogs and other corners of the jailbreak community.

It’s also worth noting that Apple credits pod2g alone for finding two other exploits that are patched in iOS 5.1: an HFS bug that allows for arbitrary code to execute on a device via a maliciously crafted disk image, and a VPN hack with a similar impact.

The bad news here is that these guys made Apple’s iOS 5.1 security page because the exploits, which were used to jailbreak iOS 5.0.1, are now gone. But the good news is that it looks like these talented folks are already working on finding new ones.

Thanks Chronic!