Ian Beer publishes new kernel vulnerability PoC based on bug that was patched in iOS 15.2

Esteemed security researcher Ian Beer published a piece to the Google Project Zero blog on Friday that appears to describe a kernel-level vulnerability proof of concept (PoC) using CVE-2021-30949.

In the write-up, Beer uses macOS for his proof of concept; however, it’s worth noting that Apple patched CVE-2021-30949 with the release of iOS & iPadOS 15.2 near the end of last year, which means it should apply to iPhones and iPads too.

According to Apple’s own security content support document for iOS & iPadOS 15.2, CVE-2021-30949 could have the following impact on iPhones or iPads running iOS or iPadOS 15.1.1 or earlier:

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved state management.

Given the state of limbo that jailbreaking appears to be in with respect to iOS & iPadOS 15 at the moment, any news of kernel-level vulnerabilities for this firmware carries potential for good news.

Jailbreak developers are waiting for a workable exploit to get the ball rolling. Starting with iOS & iPadOS 15, Apple made jailbreaking even more difficult by introducing signed system volume (SSV) protections. All current jailbreak teams have suggested ways around this though, which means there could be a light at the end of the tunnel.

While we can’t comment on whether Beer’s latest PoC write-up will facilitate a jailbreak release for iOS & iPadOS 15, it certainly raises the question, and we’ll likely learn more in time. Some of Beer’s past exploits went on to power jailbreaks, so it’s not unfathomable.

Since CVE-2021-30949 only affects iOS & iPadOS 15.1.1 and below, this is a particularly good example of why prospective jailbreakers should always stay on the lowest possible firmware and avoid updates, as newer versions tend to patch vulnerabilities like this one.

Are you excited to see what becomes of Beer’s latest PoC? Be sure to let us know in the comments section down below.