Updated:10:56 AM EST Dec 05


this is ggmania.com subsite Apple rushes out iOS 15.0.2 just hours after 15.0.1 - TechAmok

Apple rushes out iOS 15.0.2 just hours after 15.0.1 - [security]
07:55 AM EDT - Oct,14 2021 - post a comment

On Monday, Apple issued an urgent security fix for a zero-day flaw in iOS 15 and iPadOS 15 that hackers are actively exploiting. The patch came the same day it released iOS 15.0.1. The bug (CVE-2021-30883) causes a memory-corruption error in the IOMobileFrameBuffer, a kernel function that allows developers to allocate how their apps use system memory to control the display. "An application may be able to execute arbitrary code with kernel privileges," read Apple's patch notes. "Apple is aware of a report that this issue may have been actively exploited." The patch notes did not go into great detail about the bug. However, shortly after Apple released iOS and iPadOS 15.0.2, security researcher Saar Amar published a blog post explaining the exploit and created a proof-of-concept (POC) to show that it works "100 percent of the time." Amar said the flaw is "great for jailbreaks" because it is accessible from the app sandbox.

After examining the BinDiff (a tool that shows differences in disassembled binaries), Amar concluded that the flaw was not just good for granting kernel privileges but could also be used for LPE (local privilege escalation) exploits. He tested his very simple (one page of code) POC on iOS versions 14.7.1 (physical iPhone X) and 15.0 (virtual iPhone 11 Pro) but said the bug is likely much older than that. He ran the code five times on each device, and the POC triggered a panic in every instance. Amar's code caused integer overflows in areas other than the IOMobileFrameBuffer, but the patch also seems to have corrected those. "An interesting important note is that other implementations of these functions in other classes also had this integer overflow," Amar wrote. "As far as I can see, the patch fixed these as well."

Aside from the jailbreaking potential, this security flaw is similar to the nasty one (CVE-2021-30807) that Apple patched in July. Malicious attackers could use the bug to hijack the device completely (and apparently are). So it's best to install the patch as soon as possible.

Short overview of recent news articles

Samsung Galaxy S22 Ultra - GOOD NEWS (Dec,05 2021 )

Experiment: LAVA vs BULLETPROOF GLASS (Dec,04 2021 )

iPhones of US diplomats hacked (Dec,04 2021 )

Here's The Definitive Method To Cooking Eggs (Dec,04 2021 )

Bitcoin just fell 10% reaching $43,000 (Dec,04 2021 )

Money Heist - Series Trailer #Netflix (Dec,04 2021 )

The Matrix Resurrections - Deja Vu (Dec,04 2021 )

Tattoo Artists Share The Tattoos That Changed Their Minds About Sex (Dec,03 2021 )

This Product Aged Like Fine Milk (Dec,03 2021 )

NVIDIA GeForce 497.09 WHQL Driver released (Dec,01 2021 )

My RTX 3090 is OVERHEATING with this GTA 5 (Nov,29 2021 )

GeForce RTX 3050 rumored to be faster than GTX 1660 SUPER (Nov,28 2021 )

How Much Does Your Motherboard Affect Performance? (Nov,26 2021 )

Lidija Bacic Lille - bikini beach (Nov,26 2021 )

This $5000 Graphics Card Can't Game (Nov,25 2021 )

Linux Command-Line Tips & Tricks: Over 15 Examples! (Nov,25 2021 )

The Grand Tour Presents: Carnage A Trois | Official Trailer (Nov,25 2021 )

How Old Are Your Ears? HEARING TEST! (Nov,23 2021 )

Windows 11 Enterprise virtual machine - free (Nov,23 2021 )

It's Already Too Late, Things Are Getting Serious Elon Musk (2021) (Nov,23 2021 )

I've Got The Biggest Penis In The World (Nov,21 2021 )

How PlayStation 5 Was Built (feat. Mark Cerny) (Nov,21 2021 )

My GPU is 1000ft Away! (Nov,21 2021 )

MOMENTS YOU WON'T BELIEVE WERE CAUGHT ON CAMERA! (Nov,20 2021 )

11 Things I Hate About Windows 11 (Nov,20 2021 )

Sturgis South Dakota Motorcycle Rally (Nov,20 2021 )

You're in a PROGRAM. Here is the CODE. (Nov,19 2021 )

This is NOT a Soundbar (Nov,18 2021 )

PRAGMATA delayed to 2023 (Nov,18 2021 )

10 Tips for Windows Power Users (Nov,16 2021 )

Lost in Space - Official Trailer - Final Season (Nov,16 2021 )

NVIDIA GeForce 496.76 WHQL Driver (Nov,16 2021 )

Apple's REALLY tempting me... (Nov,16 2021 )

A G-Shock from the future for the metaverse! GMW-B5000TVA (Nov,16 2021 )

5 Reasons Windows 11 is NOT WORTH the Upgrade (Nov,14 2021 )

Samsung Galaxy S22 Ultra - Turning The Tables Again (Nov,13 2021 )

Hate Windows 11? Try this. (Nov,13 2021 )

AMD Radeon Software Adrenalin 21.11.2 Released (Nov,12 2021 )

888 The New World - Applications Now OPEN! (Nov,12 2021 )

I interviewed animals with a tiny mic again (Nov,10 2021 )

Samsung Galaxy S22 Ultra - World's First Smartphone To Have This (Nov,09 2021 )

I Spent a THOUSAND Dollars on HDMI Cables.. for Science (Nov,08 2021 )

Samsung Galaxy S22 Ultra - IT WAS TRUE (Nov,08 2021 )

STRANGER THINGS Season 4 "Dear Mike" Trailer (2022) (Nov,07 2021 )

A DISCOVERY OF WITCHES Trailer (2022) Official (Nov,07 2021 )

We Bought the CHEAPEST OLED TV How Bad Could It Be? (Nov,06 2021 )

Intel Did It: Core i9-12900K CPU Review & Benchmarks vs. AMD (Nov,05 2021 )

Intel Disables DirectX 12 API Loading on Haswell Processors (Nov,05 2021 )

THE BOOK OF BOBA FETT Trailer (2021) (Nov,04 2021 )

AMD Radeon Software Adrenalin 21.11.1 Released (Nov,04 2021 )

>> News Archive <<

TechAmok - Privacy Policy        loading time:0.01secs