The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information.

CVE-2021-30883

From The iPhone Wiki
Revision as of 19:59, 11 October 2021 by Nicolas17 (talk | contribs) (brief summary)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

On 11 October 2021, Apple released iOS 15.0.2 with a fix for CVE-2021-30883, a vulnerability in IOMobileFrameBuffer which allows kernel code execution, and has been exploited in the wild according to Apple. Note that is is not the same as CVE-2021-30807 which was fixed in 14.7.1.

Saar Amar quickly bindiff'd the kernel and wrote a blog post and PoC about this vulnerability.

Unlike CVE-2021-30807, this vulnerability is apparently exploitable from the app sandbox without any special entitlement.

Tango Utilities-terminal.png This exploit article is a "stub", an incomplete page. Please add more content to this article and remove this tag.
Retrieved from "https://www.theiphonewiki.com/w/index.php?title=CVE-2021-30883&oldid=118521"