checkm8 Exploit

From The iPhone Wiki
Revision as of 06:35, 26 September 2021 by Saagarjha (talk | contribs) (checkm8 is a use-after-free, not a heap overflow)
Jump to: navigation, search

The checkm8 exploit is a bootrom exploit with a CVE ID of CVE-2019-8900 used to run unsigned code on iOS, iPadOS, tvOS, watchOS, bridgeOS, audioOS, and Haywire devices with processors between an A5 and an A11, a S1P and a S3, a S5L8747, and a T2 (and thereby jailbreak it). Jailbreaks based on checkm8 are semi-tethered jailbreaks as the exploit works by taking advantage of a use-after-free in the USB DFU stack.

ipwndfu and checkra1n are currently the main tools capable of using the checkm8 exploit.

References