Tra le note dell’aggiornamento di sistema rilasciato in giornata, Apple ha pubblicamente ringraziato il team Evad3rs – già autore del jailbreak di iOS 7.x e, in passato, di altri jailbreak – per aver segnalato alcune vulnerabilità corrette proprio in iOS 7.1.
Ecco le parti del changelog di iOS 7.1 in cui vengono ringraziati gli Evad3rs:
● Backup
Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A maliciously crafted backup can alter the filesystem
Description: A symbolic link in a backup would be restored, allowing subsequent operations during the restore to write to the rest of the filesystem. This issue was addressed by checking for symbolic links during the restore process.
CVE-2013-5133 : evad3rs● Crash Reporting
Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A local user may be able to change permissions on arbitrary files
Description: CrashHouseKeeping followed symbolic links while changing permissions on files. This issue was addressed by not following symbolic links when changing permissions on files.
CVE-2014-1272 : evad3rs● dyld
Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: Code signing requirements may be bypassed
Description: Text relocation instructions in dynamic libraries may be loaded by dyld without code signature validation. This issue was addressed by ignoring text relocation instructions.
CVE-2014-1273 : evad3rs● Kernel
Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel
Description: An out of bounds memory access issue existed in the ARM ptmx_get_ioctl function. This issue was addressed through improved bounds checking.
CVE-2014-1278 : evad3rs
Di seguito, invece, i punti del changelog in cui vengono ringraziate altre due personalità a noi note per via del jailbreak, ossia Stefan Esser e Filippo Bigarella:
● CoreCapture
Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application can cause an unexpected system termination
Description: A reachable assertion issue existed in CoreCapture’s handling of IOKit API calls. The issue was addressed through additional validation of input from IOKit.
CVE-2014-1271 : Filippo Bigarella● iTunes Store
Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A man-in-the-middle attacker may entice a user into downloading a malicious app via Enterprise App Download
Description: An attacker with a privileged network position could spoof network communications to entice a user into downloading a malicious app. This issue was mitigated by using SSL and prompting the user during URL redirects.
CVE-2014-1277 : Stefan Esser
Già in passato Apple aveva ringraziato i team di hacker o di singoli sviluppatori che avevano segnalato una o più vulnerabilità, poi corrette dalla stessa azienda di Cupertino.