Over the New Year’s weekend, we shared the news about a new kernel file descriptor (kfd) exploit method called puaf_landa that expanded the prolific kernel exploit’s support to newer versions of iOS & iPadOS 16.x.
But to the jailbreak community’s dismay early Wednesday morning, some developers started walking back what was originally fantastic news after they discovered that Apple silently patched the puaf_landa method in iOS & iPadOS 16.7.
The circumstances would have been easy for anyone to miss, as Apple listed puaf_landa as being patched in iOS & iPadOS 17.0. But as several prominent developers noticed while trying to update various tools to support it, puaf_landa behaved oddly and didn’t produce the expected results on iOS & iPadOS 16.7 or later.
Among those developers are @alfiecg_dev, @mineekdev, and @MasterMike88, all of whom are established and trusted voices in the community today. Some of them have even contributed to modern jailbreak tools.
While both @alfiecg_dev and @mineekdev confirmed the findings, it was @MasterMike88 who explained the issue so eloquently in a post to X (formerly Twitter). In fact, it even captured the attention of Dopamine and TrollStore lead developer Lars Fröder (@opa334dev) as shown by the repost in the screenshot below:
If you’re interested in reading the gritty details and understanding why this is the case, you’re free to read them in the screenshot of the X post above, but we’ll summarize the need-to-know below for most users who may not understand the technical jargon.
As it would appear, the patching of puaf_landa was overlooked for two major reasons: 1) because it wasn’t listed as patched in the iOS & iPadOS 16.7 release notes from Apple; and 2) because the original teaser screenshot showed the method appearing to work on an iPhone 8 running iOS 16.7.3.
It wasn’t until folks started snooping through log files to ascertain why the method wasn’t working properly that they stumbled upon unexplained errors and failures on devices running iOS & iPadOS 16.7 and later, which is what really rang the alarm bell on this issue.
But it’s not all doom and gloom. If anything positive can be taken from all of this, it’s that we now have a kernel exploit that tops out at iOS & iPadOS 16.6.1 instead of iOS & iPadOS 16.5 (and 16.6 beta 1). This means that more people have access to TrollStore 2 than before, and that the Kaspersky GReAT team’s PPL bypass can be used to make a jailbreak for iOS & iPadOS 16.5.1 in addition to iOS & iPadOS 16.0-16.5. So it’s still a useful method indeed…
In fact, even if you don’t plan on jailbreaking, the puaf_landa method should still prove useful for installing non-jailbreak add-ons on iOS & iPadOS 16.0-16.6.1 devices by way of package manager apps such as Misaka, Picasso, and PureKFD.
Are you saddened by today’s news? Discuss in the comments section down below.